KYOCERA Document Solutions
Security vulnerabilities in our products
A security vulnerability has been identified in Kyocera Document Solutions’ MFPs and printers. The following is an overview of the issue and how to resolve it. As of the date of publication of this notice, we have not confirmed any attacks that take advantage of this vulnerability.
Vulnerability description
Vulnerability number: JVN#46345126
https://jvn.jp/en/jp/JVN46345126/
- Session Management Defects in Command Center Vulnerability (CVE-2022-41798)
- Inadequate Authentication of Command Center (CVE-2022-41807)
- Cross-site scripting vulnerability in Command Center (CVE-2022-41830)
Countermeasures
Kyocera Document Solutions is providing firmware that addresses the security vulnerability. This vulnerability is not expected to have any impact unless it is introduced into the customer's network from the outside. Firewalls and other security measures are recommended.
Please contact the Kyocera Document Solutions sales company / partner in your region for information on changing the firmware.
Products affected by this vulnerability
For information on how this vulnerability affects products developed, manufactured, and sold by Kyocera Document Solutions, please contact your local distributor where you purchased the product.
Inquiries
Customers except within EU
KYOCERA Document Solutions Inc., Corporate Communication Section
Customers within EU
KYOCERA Document Solutions Europe B.V.
Kyocera Document Solutions Inc. ensures adherence to local data protection regulations. We have detected that your inquiry comes from within the EU. Therefore, due to the EU's General Data Protection Regulation, please note that your request will be forwarded to our regional headquarter: Kyocera Document Solutions Europe.
| * | This article is current, as of the date of publication. |
