PT-2024-17732 · Fujifilm · Fujifilm Apeos C6580+2

Dycc · Published 2024-12-19 · Updated 2025-02-28 · CVE-2024-12782

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Fujifilm Apeos C3070, Apeos C5570, and Apeos C6580 versions up to 24.8.28

Description

A critical issue has been reported, affecting the Web Interface component of the Fujifilm Apeos devices. The issue is related to improper authorization and can be initiated remotely. It affects unknown code of the file /home/index.html#hashHome. The exploit has been disclosed to the public and may be used. However, the real existence of this issue is still doubted, and the vendor explains that the reported behaviors are intended or not reproduced.

Recommendations

For Fujifilm Apeos C3070, Apeos C5570, and Apeos C6580 versions up to 24.8.28, consider restricting access to the Web Interface component until further clarification or a fix is provided by the vendor. As a temporary workaround, consider disabling remote access to the /home/index.html#hashHome file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Weakness Enumeration

Improper Authorization
Incorrect Privilege Assignment

Related Identifiers

CVE-2024-12782

Affected Products

Fujifilm Apeos C3070
Fujifilm Apeos C5570
Fujifilm Apeos C6580