CVE-2022-29587

Exploit

EPSS 0.05%
Veröffentlicht 16.05.2022 06:15:08
Zuletzt bearbeitet 21.11.2024 06:59:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Konicaminolta ≫ Bizhub 226i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 226i Version-

Konicaminolta ≫ Bizhub 227 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 227 Version-

Konicaminolta ≫ Bizhub 246i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 246i Version-

Konicaminolta ≫ Bizhub 287 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 287 Version-

Konicaminolta ≫ Bizhub 306i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 306i Version-

Konicaminolta ≫ Bizhub 308 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 308 Version-

Konicaminolta ≫ Bizhub 308e Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 308e Version-

Konicaminolta ≫ Bizhub 367 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 367 Version-

Konicaminolta ≫ Bizhub 368 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 368 Version-

Konicaminolta ≫ Bizhub 368e Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 368e Version-

Konicaminolta ≫ Bizhub 4052 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 4052 Version-

Konicaminolta ≫ Bizhub 458 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 458 Version-

Konicaminolta ≫ Bizhub 458e Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 458e Version-

Konicaminolta ≫ Bizhub 4752 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 4752 Version-

Konicaminolta ≫ Bizhub 558 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 558 Version-

Konicaminolta ≫ Bizhub 558e Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 558e Version-

Konicaminolta ≫ Bizhub 658e Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 658e Version-

Konicaminolta ≫ Bizhub 758 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 758 Version-

Konicaminolta ≫ Bizhub 808 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 808 Version-

Konicaminolta ≫ Bizhub 958 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub 958 Version-

Konicaminolta ≫ Bizhub C227 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C227 Version-

Konicaminolta ≫ Bizhub C250i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C250i Version-

Konicaminolta ≫ Bizhub C258 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C258 Version-

Konicaminolta ≫ Bizhub C287 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C287 Version-

Konicaminolta ≫ Bizhub C300i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C300i Version-

Konicaminolta ≫ Bizhub C308 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C308 Version-

Konicaminolta ≫ Bizhub C3300i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C3300i Version-

Konicaminolta ≫ Bizhub C3320i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C3320i Version-

Konicaminolta ≫ Bizhub C3350i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C3350i Version-

Konicaminolta ≫ Bizhub C3351 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C3351 Version-

Konicaminolta ≫ Bizhub C360i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C360i Version-

Konicaminolta ≫ Bizhub C368 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C368 Version-

Konicaminolta ≫ Bizhub C3851 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C3851 Version-

Konicaminolta ≫ Bizhub C3851fs Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C3851fs Version-

Konicaminolta ≫ Bizhub C4000i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C4000i Version-

Konicaminolta ≫ Bizhub C4050i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C4050i Version-

Konicaminolta ≫ Bizhub C450i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C450i Version-

Konicaminolta ≫ Bizhub C458 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C458 Version-

Konicaminolta ≫ Bizhub C550i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C550i Version-

Konicaminolta ≫ Bizhub C558 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C558 Version-

Konicaminolta ≫ Bizhub C650i Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C650i Version-

Konicaminolta ≫ Bizhub C658 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C658 Version-

Konicaminolta ≫ Bizhub C659 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C659 Version-

Konicaminolta ≫ Bizhub C759 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub C759 Version-

Konicaminolta ≫ Bizhub Pro958 Firmware Version < 2022-04-14

Konicaminolta ≫ Bizhub Pro958 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.16

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4	0.4	3.6	CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.7	3.4	6.9	AV:L/AC:M/Au:N/C:C/I:N/A:N

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://sec-consult.com/vulnerability-lab/

Third Party Advisory

https://sec-consult.com/vulnerability-lab/advisory/sandbox-escape-with-root-access-clear-text-passwords-in-konica-minolta-bizhub-mfp-printer-terminals/

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2022-29587

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-29587

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-29587

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-29587