VYPR

bizhub MFP

by Konicaminolta

CVEs (3)

  • CVE-2022-29588HigMay 16, 2022
    risk 0.49cvss 7.5epss 0.02

    Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files.

  • CVE-2022-29586HigMay 16, 2022
    risk 0.48cvss 7.4epss 0.00

    Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. An attacker must attach a keyboard to a USB port, press F12, and then escape from the kiosk mode.

  • CVE-2022-29587MedMay 16, 2022
    risk 0.26cvss 4.0epss 0.00

    Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges.