Cyber Web Spider Blog – News

Xerox FreeFlow Core Vulnerabilities Lead to SSRF and RCE Attacks

Posted on August 11, 2025 by CWS

An urgent security update has been released for Xerox FreeFlow Core, addressing two vulnerabilities that could allow an attacker to execute code remotely on the server and to perform server-side request forgery (SSRF) through it.

The vulnerabilities, tracked as CVE-2025-8355 and CVE-2025-8356, affect FreeFlow Core version 8.0.4 and should be patched promptly to prevent exploitation.

Security researchers at Horizon3.ai discovered the flaws and worked with Xerox on the fixes.

Key Takeaways
1. Xerox FreeFlow Core v8.0.4 has an XXE flaw leading to SSRF and a path traversal flaw leading to RCE.
2. Through SSRF an attacker can reach past the firewall and read sensitive internal data.
3. Upgrade to version 8.0.5 immediately to prevent exploitation.

SSRF and RCE Vulnerabilities 

The first vulnerability, CVE-2025-8355, is an XML External Entity (XXE) processing flaw that leads to Server-Side Request Forgery (SSRF).

XXE arises when an application parses XML input without disabling external entity resolution: a DOCTYPE supplied by the attacker can declare an entity whose SYSTEM identifier is a URL or file path, and the parser fetches that resource when the entity is referenced. Because the fetch originates from the server, it reaches hosts the attacker cannot contact directly.

Through SSRF, an attacker can read internal resources the print server can reach, bypass perimeter firewall rules, and map the internal network infrastructure.
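To make the mechanism concrete, here is an added example in Python's standard-library SAX parser; it is not Xerox code and not Horizon3.ai's proof of concept. A constructed "job ticket" plays the role of attacker-supplied XML, and a recording entity resolver stands in for the internal host so the script runs offline: in the vulnerable configuration the parser asks for the attacker's URL and splices the answer into the document; with external entities off the reference silently expands to nothing; and the hardened configuration refuses any DOCTYPE before an entity can even be declared. Python's parser ships with external entities disabled, so the vulnerable branch switches them on deliberately (many other XML stacks resolve them by default). The URL 10.0.0.5:8080/internal/config and the response bytes are made up.

```python
"""XXE leading to SSRF, demonstrated with Python's standard-library SAX parser.

Added example for illustration only; it is not Xerox FreeFlow Core code and not
Horizon3.ai's proof of concept. The job ticket, the internal URL and the
"response" bytes are all constructed.
"""
import io
import xml.sax
from xml.sax import handler, xmlreader
from xml.sax.handler import ContentHandler, EntityResolver

# Constructed attacker input: a job ticket whose DOCTYPE declares an external
# entity pointing at a hypothetical internal-only host.
MALICIOUS_JOB_TICKET = b"""<?xml version="1.0"?>
<!DOCTYPE job [
  <!ENTITY xxe SYSTEM "http://10.0.0.5:8080/internal/config">
]>
<job><name>&xxe;</name></job>"""

BENIGN_JOB_TICKET = b"<job><name>brochure-run-42</name></job>"


class DtdRejected(Exception):
    """Raised when the hardened parser meets a DOCTYPE."""


class RecordingResolver(EntityResolver):
    """Stand-in for the internal host.

    The stock resolver just returns the system id, and xml.sax then opens it
    with urllib, so the parser itself performs the HTTP request. This resolver
    records what the parser tried to fetch and answers with constructed bytes
    so the example runs offline.
    """

    def __init__(self):
        self.requested = []

    def resolveEntity(self, publicId, systemId):
        self.requested.append(systemId)
        source = xmlreader.InputSource(systemId)
        source.setByteStream(io.BytesIO(b"db_password=s3cret"))  # constructed "internal" response
        return source


class TextCollector(ContentHandler):
    """Collects element text, which is where the fetched content ends up."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)


class NoDtdLexicalHandler:
    """Lexical handler that refuses any DOCTYPE, so no entity can be declared at all."""

    def startDTD(self, name, public_id, system_id):
        raise DtdRejected(f"DOCTYPE {name!r} not allowed")

    # The remaining lexical events are not of interest here.
    def endDTD(self): pass
    def comment(self, content): pass
    def startCDATA(self): pass
    def endCDATA(self): pass


def parse_job_text(xml_bytes, resolver, allow_external_entities, reject_dtd=False):
    """Parse a job ticket and return its element text.

    allow_external_entities=True reproduces the vulnerable configuration: external
    general entities are resolved. Python ships with them off, so the vulnerable
    branch switches them on deliberately; many other XML stacks resolve them by
    default. reject_dtd=True adds the belt-and-braces control of refusing DOCTYPE.
    """
    parser = xml.sax.make_parser()
    parser.setFeature(handler.feature_external_ges, allow_external_entities)
    parser.setEntityResolver(resolver)
    if reject_dtd:
        parser.setProperty(handler.property_lexical_handler, NoDtdLexicalHandler())
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(collector.chunks)


def demo():
    """Run the malicious ticket through three configurations and report the outcome."""
    vulnerable = RecordingResolver()
    leaked = parse_job_text(MALICIOUS_JOB_TICKET, vulnerable, allow_external_entities=True)

    entities_off = RecordingResolver()
    silent = parse_job_text(MALICIOUS_JOB_TICKET, entities_off, allow_external_entities=False)

    hardened = RecordingResolver()
    try:
        parse_job_text(MALICIOUS_JOB_TICKET, hardened, allow_external_entities=False, reject_dtd=True)
        rejected = False
    except DtdRejected:
        rejected = True

    return {
        "vulnerable_fetched": vulnerable.requested,    # the parser asked for the attacker's URL
        "vulnerable_text": leaked,                     # and spliced the response into the document
        "entities_off_fetched": entities_off.requested,
        "entities_off_text": silent,                   # entity expands to nothing, no request made
        "hardened_rejected_dtd": rejected,             # DOCTYPE refused before any entity is declared
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Run it directly to print the outcomes. With the stock resolver, xml.sax hands the SYSTEM identifier to urllib and performs the HTTP request itself, which is the SSRF; returning the fetched bytes into the element text is what turns it into data exfiltration. Disabling external general entities stops the request, and refusing DOCTYPE altogether also closes off entity-expansion and parameter-entity tricks that the first setting alone does not.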

The second and more severe vulnerability, CVE-2025-8356, is a path traversal weakness that can escalate to Remote Code Execution (RCE).

Path traversal lets an attacker read or write files outside the directory the application intends, by placing "../" sequences (or an absolute path) in a client-supplied file name that the server joins onto its own base directory without checking the result.

Exploited successfully, it lets an attacker write a file of their choosing to a location the server later executes, run arbitrary commands on the server, and potentially take full control of the affected system.
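The following added example (not FreeFlow Core code) shows the difference in Python for a hypothetical upload handler: the naive join lets "../" and absolute names land anywhere on the file system, while the hardened version decodes, canonicalises and checks that the result still lies under the upload root. The UPLOAD_ROOT directory and the file names are constructed for illustration.

```python
"""Path traversal in an upload handler: naive join versus hardened resolution.

Added example for illustration; not code from Xerox FreeFlow Core. The
upload root and the client-supplied names below are constructed.
"""
import posixpath
from urllib.parse import unquote

UPLOAD_ROOT = "/srv/app/uploads"  # hypothetical upload directory


class TraversalAttempt(ValueError):
    """Raised when a client-supplied name would resolve outside UPLOAD_ROOT."""


def vulnerable_upload_path(client_name: str) -> str:
    """Naive handler: trust the client-supplied file name.

    posixpath.join discards UPLOAD_ROOT when client_name is absolute, and
    normpath collapses "../" segments into a path above the root.
    """
    return posixpath.normpath(posixpath.join(UPLOAD_ROOT, client_name))


def safe_upload_path(client_name: str) -> str:
    """Canonicalise client_name under UPLOAD_ROOT; refuse anything that escapes.

    Percent-decoding twice catches %2e%2e%2f and double-encoded variants even
    when the web layer already decoded once (a legitimate name containing a
    literal '%' may be refused, which fails safe). Backslashes are treated as
    separators because Windows hosts do.
    """
    name = unquote(unquote(client_name))
    if "\x00" in name:
        raise TraversalAttempt("NUL byte in file name")
    name = name.replace("\\", "/")
    if posixpath.isabs(name):
        raise TraversalAttempt(f"absolute path rejected: {client_name!r}")
    candidate = posixpath.normpath(posixpath.join(UPLOAD_ROOT, name))
    # The root itself is not a file, and a prefix match ("/srv/app/uploadsX") is not containment.
    if candidate == UPLOAD_ROOT or posixpath.commonpath([UPLOAD_ROOT, candidate]) != UPLOAD_ROOT:
        raise TraversalAttempt(f"escapes upload root: {client_name!r}")
    return candidate


def is_rejected(client_name: str) -> bool:
    """True when the hardened handler refuses the name."""
    try:
        safe_upload_path(client_name)
    except TraversalAttempt:
        return True
    return False


# Constructed inputs: one legitimate name plus the classic escape patterns.
SAMPLE_NAMES = [
    "brochure.pdf",
    "jobs/../brochure.pdf",
    "../../../etc/cron.d/job",
    "/etc/passwd",
    "..%2F..%2Fetc%2Fpasswd",
    "%252e%252e%252fetc%252fpasswd",
    "..\\..\\windows\\win.ini",
    "sub/../../escaped.txt",
]


def compare(names=SAMPLE_NAMES):
    """Map each name to (naive result, hardened result or 'REJECTED')."""
    table = {}
    for name in names:
        naive = vulnerable_upload_path(name)
        hardened = "REJECTED" if is_rejected(name) else safe_upload_path(name)
        table[name] = (naive, hardened)
    return table


if __name__ == "__main__":
    for name, (naive, hardened) in compare().items():
        print(f"{name!r:36} naive={naive!r:34} hardened={hardened!r}")
```

Checking with commonpath after normpath accepts harmless names such as jobs/../brochure.pdf while rejecting anything that walks above the root or names it outright. On a real host, also resolve symlinks (os.path.realpath) before the containment check, and run the process that writes uploads without write access to any directory the server executes from, so a traversal that does slip through cannot become code execution.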

CVE             Title                                                                      Severity
CVE-2025-8355   XML External Entity (XXE) leading to Server-Side Request Forgery (SSRF)    IMPORTANT
CVE-2025-8356   Path Traversal leading to Remote Code Execution (RCE)                      IMPORTANT

Mitigations

Xerox issued a Security Bulletin on August 8, 2025, describing the vulnerabilities and urging prompt remediation.

The company rated both vulnerabilities at the "IMPORTANT" severity level, indicating significant potential impact on affected systems.

Organizations running FreeFlow Core in their print infrastructure face substantial risk while the vulnerabilities remain unpatched: a successful chain gives an attacker code execution on the print server and, through SSRF, a foothold from which to reach the internal hosts behind it.

Jimi Sebree of Horizon3.ai coordinated with Xerox's security team through responsible disclosure, so that fixes were available before the public announcement.

Xerox has released FreeFlow Core version 8.0.5 as the fix; it addresses both CVE-2025-8355 and CVE-2025-8356.

Organizations should prioritize deploying this update through official Xerox distribution channels. Where the update cannot be applied immediately, limiting which hosts can reach the FreeFlow Core web interface and restricting outbound connections from the server reduce the reach of both flaws until it is.
