Xerox has issued security updates for vulnerabilities CVE-2025-8355 and CVE-2025-8356 in its FreeFlow Core software, which pose risks of SSRF and remote code execution. Organizations using version 8.0.4 are urged to upgrade to 8.0.5 immediately to protect against potential exploitation. #XeroxVulnerabilities #FreeFlowCore #SSRF #RemoteCodeExecution
Keypoints
- Xerox released security patches for critical vulnerabilities in FreeFlow Core version 8.0.4.
- The vulnerabilities, CVE-2025-8355 and CVE-2025-8356, can lead to SSRF and remote code execution.
- Exploitation of these flaws could result in full system compromise and data breaches.
- The issues were responsibly disclosed by security researcher Jimi Sebree in collaboration with Xerox.
- Organizations should immediately upgrade to version 8.0.5 and implement additional security measures.
Read More: https://thecyberexpress.com/xerox-fixes-cve-2025-8355-and-8356/