Japan, July 14, 2014
– KYOCERA Document Solutions Inc., announced a Cross-Site scripting (XSS) vulnerability was found in the KYOCERA Command Center* (hereinafter referred to as Command Center) that is installed in the MFPs and Printers mentioned below.
*Note: KYOCERA Command Center refers to the web server that is installed in the MFPs/Printers from which you can verify the operating status of the machine and make settings related to security, network printing, email transmission and advanced networking.
A malicious attacker could cause arbitrary scripting code to be executed on the client-side web browser when the user is accessing the Command Center.
To avoid such an effect, please do not access other websites when accessing the Command Center.
・ECOSYS FS-3640MFP / 3540MFP
・ECOSYS FS-6030MFP / 6025MFP
・TASKalfa 305 / 255
・ECOSYS FS- C2626MFP / C2526MFP
・ECOSYS FS- C2126MFP+ / C2026MFP+ / C2126MFP / C2026MFP
・ECOSYS FS- C8025MFP / C8020MFP
・TASKalfa 265ci / 255c / 205c
・ECOSYS FS-C5150DN / C5250D
Please contact us for further information.