LiveActive security incident?Get immediate response
CVE Record

CVE-2018-16709: Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ApeosPort-V C3375, DocuCentre-VI C2271...

Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ApeosPort-V C3375, DocuCentre-VI C2271, ApeosPort-V C5576, DocuCentre-IV C2263, DocuCentre-V C2263, and ApeosPort-V 5070 devices allow remote attackers to read or write to files via crafted PJL commands.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysishigh

Security readout for executives and security teams

Plain-English summary

Certain Fuji Xerox multifunction printers can let a remote attacker read or write device files using crafted PJL printer commands. The source bundle names multiple DocuCentre and ApeosPort models. No CVSS score or vendor fix is provided, but public exploit information is referenced, so exposed devices deserve prompt attention.

Executive priority

Prioritize discovery and network containment. The business risk is unauthorized access or modification on multifunction printers that may handle sensitive documents. Lack of a cited patch increases the need to verify vendor guidance and reduce exposure quickly.

Technical view

CVE-2018-16709 describes improper handling of crafted PJL commands on named Fuji Xerox DocuCentre and ApeosPort devices, enabling remote file read or write. The record provides model names but no CPEs, CWE, CVSS, patch version, or mitigation details. Exploit-DB is listed as a public exploit reference.

Likely exposure

Exposure is most likely where affected Fuji Xerox printers are reachable from untrusted networks, guest networks, shared office segments, or the internet. Internal-only devices still matter because printers often bridge sensitive document workflows and administrative networks.

Exploitation context

The source bundle includes an Exploit-DB reference, indicating public exploit information exists. CISA KEV status is false, and no cited source states active exploitation. Treat exploitation status as unconfirmed rather than absent.

Researcher notes

Evidence is limited to the CVE description and Exploit-DB reference. The bundle does not provide CVSS, CWE, precise vulnerable firmware versions, or remediation details. Avoid assuming affected products beyond the named models.

Mitigation direction

  • Inventory the named Fuji Xerox models in all office and print networks.
  • Check Fuji Xerox or successor vendor guidance for firmware or configuration updates.
  • Remove printer management and PJL interfaces from untrusted network reachability.
  • Restrict printer access to approved print servers and administrative networks.
  • Monitor device logs and network telemetry for unusual file-access behavior.

Validation and detection

  • Confirm whether any listed DocuCentre or ApeosPort models are deployed.
  • Verify affected printers are not reachable from internet or guest networks.
  • Review firmware versions against vendor guidance when available.
  • Check firewall rules limiting access to printer control interfaces.
  • Look for unexplained printer configuration changes or file-access anomalies.
Prepared
Confidence
medium
Sources
3

Public sources used

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2018-16709 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
0Timeline events
0ADP providers
2Source links

CVSS and timeline data

No CVSS vectors or timeline events were available in the normalized CVE source material.

Source materials

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
n/an/an/aListed
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.