Urgent/11 and You

October 22, 2019 by
Urgent/11 and You
Matthew Almendinger

Many of our clients using Buckeye and Telesystem services received a notice this morning regarding a set of zero-day vulnerabilities known as "Urgent/11" for devices running the VxWorks realtime operating system or VxWorks IPnet TCP/IP stack.

To help our clients understand the impact of this vulnerability, we are sharing the known impact of these vulnerabilities with respect to solutions provided by Lighthouse IT Solutions.

The extent of Urgent/11 is quite massive in size, due to its lightweight, high-performance nature and can be found commonly in medical devices, IP phones, firewalls, industrial controllers, elevators, and more. With this in mind, it may be necessary to contact other technology vendors to ensure that Urgent/11 does not affect a device outside of our partnerships.

At this time, we have only identified 1 partner in the Lighthouse IT Solution Stack affected by Urgent/11 vulnerabilities and are working to identify customers with affected products and plan for remediation.

Currently affected products:

The following Xerox devices are currently known to be impacted:

Phaser 3260, Phaser 3300, Phaser 3315/3325, Phaser 3320, Phaser 3330, Phaser 3600, Phaser 3635 MFP, Phaser 4600/4620/4622, WorkCentre 3025, WorkCentre 3210/3220, WorkCentre 3215/3225, WorkCentre 3335/3345, WorkCentre 3550, WorkCentre 4250/4260, WorkCentre 4265, and Xerox B1022/B1025, Xerox Color C60/C70 Printer, Xerox Versant 80 Press, Xerox Versant 180 Press, Xerox Versant 2100 Press, and Xerox Versant 3100 Press.

Software releases are available for:

WorkCentre 3335/3345, WorkCentre 3215/3225, Xerox B1022/B1025, Xerox Phaser 3635MFP, Xerox Phaser 4600/4620, Xerox Phaser 4622, Xerox Phaser 3330

If you are using any of these products and are not a current Harmony or Harmony SBE client, you may submit a ticket to 'helpdesk@lighthousesol.com' to confirm the vulnerability and schedule remediation.

If you are interested in having a risk assessment performed for this vulnerability, please contact us and we will work to schedule an appropriate network scan.

As necessary, we will continue to provide updates to affected products in this post.