PT-2022-19709 · Konica Minolta · Konica Minolta Bizhub Mfp
Johannes Kruchem
+1
·
Published
2022-05-16
·
Updated
2022-10-11
·
CVE-2022-29586
CVSS v3.1
7.4
High
| Vector | AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Konica Minolta bizhub MFP devices before 2022-04-14
Description
The issue allows a Sandbox Escape. To exploit this, an attacker must attach a keyboard to a USB port, press F12, and then escape from the kiosk mode.
Recommendations
For Konica Minolta bizhub MFP devices before 2022-04-14, update to a version released after 2022-04-14 to resolve the issue. As a temporary workaround, consider restricting physical access to the devices' USB ports to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Konica Minolta Bizhub Mfp