PT-2025-24442 · Konica Minolta · Konica Minolta Bizhub Mfp

Upasana

Publicado

2025-06-09

Atualizado

2026-01-30

CVE-2025-5884

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Konica Minolta bizhub versions up to 20250202

Description A problematic issue was found in the Display MFP Information List component. The manipulation of the Model Name argument leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations For versions up to 20250202, as a temporary workaround, consider restricting access to the Display MFP Information List component to minimize the risk of exploitation. Avoid using the Model Name argument in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79CWE-94

Identificadores relacionados

CVE-2025-5884

Produtos afetados

Konica Minolta Bizhub Mfp

PT-2025-24442 · Konica Minolta · Konica Minolta Bizhub Mfp

CVE-2025-5884

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8