JVNVU#95192472
Multiple vulnerabilities in KONICA MINOLTA MFPs and printing systems
Overview
KONICA MINOLTA multi-function printers (MFP) and printing systems contain multiple vulnerabilities.
Products Affected
A wide range of products and versions are affected.
For more information, refer to the information provided by the developer.
Description
Multi-function printers (MFP) and printing systems provided by KONICA MINOLTA, INC. contain multiple vulnerabilities listed below.
- Incorrect authorization (CWE-863) - CVE-2021-20868
CVSS v3 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score: 4.2 - Exposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2021-20869
CVSS v3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score: 5.3 - Improper handling of exceptional conditions (CWE-755) - CVE-2021-20870
CVSS v3 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N Base Score: 4.0 - Exposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2021-20871
CVSS v3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score: 5.3 - Protection mechanism failure (CWE-693) - CVE-2021-20872
CVSS v3 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 6.4
Impact
- If external server authentication is enabled, user credentials may be obtained via a specific SOAP message sent by an administrative user. - CVE-2021-20868
- If LDAP server authentication is enabled, some of user credentials may be obtained via a specific SOAP message. - CVE-2021-20869
- When scanned data transmission is stopped due to the network error, unsent scanned image data may be obtained by ejecting a HDD before the scan job times out. - CVE-2021-20870
- When the destination information including credentials are registered in the address book, the credentials may be obtained via a specific SOAP message. - CVE-2021-20871
- The firmware integrity verification is bypassed, and malicious firmware may be installed. - CVE-2021-20872
Solution
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
The developer states that the firmware update will be applied on remote maintenance or KONICA MINOLTA customer engineer's on-site maintenance.
Apply workarounds
Applying the following workarounds may mitigate the impacts of these vulnerabilities.
- Encrypt HDD/SSD
- Change the initial administrative password to some hard-to-guess one
- Use a private IP address and set up a firewall to prevent unauthorized accesses from outside
- Properly configure security functions implemented in the products
Vendor Status
| Vendor | Link |
| KONICA MINOLTA, INC. | Multiple vulnerabilities in Konica Minolta multifunction printers and single-function printers |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
KONICA MINOLTA, INC. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2021-20868 |
|
CVE-2021-20869 |
|
|
CVE-2021-20870 |
|
|
CVE-2021-20871 |
|
|
CVE-2021-20872 |
|
| JVN iPedia |
|