Bizhub C227 Firmware
Monthly
Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges. Rated medium severity (CVSS 4.0). Public exploit code available and no vendor patch available.
Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.
Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges. Rated medium severity (CVSS 4.0). Public exploit code available and no vendor patch available.
Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.