Crucial vulnerabilities in Xerox FreeFlow Core, a widely-used print orchestration platform, permit unauthenticated distant attackers to execute malicious code on susceptible methods.
The failings, tracked as CVE-2025-8355 and CVE-2025-8356, have an effect on the JMF Shopper service and have been patched in FreeFlow Core model 8.0.5.
Key Takeaways1. Two vital vulnerabilities in Xerox FreeFlow Core permit distant code execution assaults.2. Print outlets, universities, and authorities businesses utilizing FreeFlow Core are in danger.3. Improve instantly to patch vulnerabilities.
The vulnerabilities have been initially found throughout an investigation of what seemed to be a false constructive detection, finally revealing severe safety weaknesses that would compromise methods dealing with delicate pre-publication advertising supplies and industrial printing operations.
XXE Injection Vulnerability
Horizon3.ai experiences that the vulnerability, CVE-2025-8355, is an XML Exterior Entity (XXE) injection flaw affecting the JMF Shopper service listening on port 4004.
This service processes Job Message Format (JMF) messages for managing print jobs and standing reporting. The vulnerability exists within the jmfclient.jar binary, which incorporates an XML parsing utility that fails to correctly sanitize or prohibit XML Exterior Entity utilization.
Attackers can exploit this weak point by submitting specifically crafted XML requests to carry out Server-Aspect Request Forgery (SSRF) assaults.
The XML parser processes exterior entities with out validation, permitting malicious actors to learn native information, scan inside networks, or probably entry delicate data from backend methods.
This vulnerability supplies an entry level for reconnaissance actions and could be chained with different assaults to escalate privileges throughout the goal atmosphere.
Path Traversal Vulnerability
The extra extreme vulnerability, CVE-2025-8356, is a path traversal flaw found within the file processing mechanism of JMF instructions.
Safety researchers recognized that the processIncomingRQEMessage() operate fails to validate file paths throughout add operations correctly, enabling listing traversal assaults.
Attackers can craft malicious JMF command messages containing “../” sequences to flee the meant add listing and write information to arbitrary areas on the server filesystem.
This functionality permits placement of webshells in publicly accessible directories, resulting in distant code execution.
FreeFlow Core Vulnerability
Whereas the JMF Shopper service on port 4004 can’t immediately serve uploaded information, the first internet portals present the required performance to execute malicious payloads, making this vulnerability significantly harmful for organizations operating FreeFlow Core installations.
CVE IDTitleCVSS 3.1 ScoreSeverityCVE-2025-8355External XML Entity (XXE) Injection Vulnerability7.5HighCVE-2025-8356Path Traversal Vulnerability9.8Critical
Each vulnerabilities pose important dangers to organizations utilizing FreeFlow Core, significantly industrial print outlets, universities, authorities businesses, and advertising suppliers who deal with delicate pre-publication supplies.
Xerox has addressed these points in FreeFlow Core model 8.0.5, and safety consultants strongly advocate instant upgrades to stop potential exploitation of those vital flaws.
Increase your SOC and assist your workforce shield what you are promoting with free top-notch risk intelligence: Request TI Lookup Premium Trial.
