Skip to main content

Bizhub 368 Firmware

3 CVEs product

Monthly

CVE-2022-29588 HIGH This Week

Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nginx Information Disclosure Bizhub 226I Firmware Bizhub 227 Firmware Bizhub 246I Firmware +42
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-29587 MEDIUM POC This Month

Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges. Rated medium severity (CVSS 4.0). Public exploit code available and no vendor patch available.

Google Privilege Escalation Bizhub 226I Firmware Bizhub 227 Firmware Bizhub 246I Firmware +42
NVD
CVSS 3.1
4.0
EPSS
0.4%
CVE-2022-29586 HIGH This Week

Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Bizhub 226I Firmware Bizhub 227 Firmware Bizhub 246I Firmware Bizhub 287 Firmware +41
NVD
CVSS 3.1
7.4
EPSS
0.4%
EPSS 2% CVSS 7.5
HIGH This Week

Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nginx Information Disclosure Bizhub 226I Firmware +44
NVD
EPSS 0% CVSS 4.0
MEDIUM POC This Month

Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges. Rated medium severity (CVSS 4.0). Public exploit code available and no vendor patch available.

Google Privilege Escalation Bizhub 226I Firmware +44
NVD
EPSS 0% CVSS 7.4
HIGH This Week

Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Bizhub 226I Firmware Bizhub 227 Firmware +43
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy