Multiple vulnerabilities in B/W small multifunction and single-function printers
Dear Customers,
We deeply appreciate your constant patronage to Konica Minolta products.
Multiple security vulnerabilities have been newly identified in the indicated models.
This advisory provides an overview of the issues and the recommended countermeasures.
Please note that, at the time of writing, there have been no confirmed security incidents globally resulting from the exploitation of these vulnerabilities.
Overview of the vulnerabilities
Ref. ID | Vulnerabilities description | Reference web site |
CVE-2017-9765 | Stack Buffer Overflow Vulnerability | |
CVE-2024-2169 | Infinite Loop of Messages Between Servers | |
CVE-2024-51977 | Possibility of information leakage in the printer | |
CVE-2024-51978 | Possibility of Authentication Bypass | |
CVE-2024-51979 | Possible Stack Overflow | |
CVE-2024-51980 | Possibility of a forced TCP connection | |
CVE-2024-51981 | Possibility of arbitrary HTTP request execution | |
CVE-2024-51983 | External attacks can cause device to crash | |
CVE-2024-51984 | Possibility of information leakage in the printer due to pass-back attacks |
Note: CVE-2024-51978 and CVE-2024-51979 have no impact on bizhub 3080MF/3000MF
Affected Models and the countermeasure firmware
Product name | Program name | Affected version | Fixed version |
bizhub 5020i | Main-Firmware | U2406280431(Ver R) or earlier | U2412241059 (Ver S)or later |
Sub-Firmware | 1.13 or earlier | 1.15 or later | |
bizhub 5000i | Main-Firmware | 1.32 or earlier | 1.33 or later |
Sub-Firmware | 1.13 or earlier | 1.15 or later | |
bizhub 4020i | Main-Firmware | U2406280431(Ver R)or earlier | U2412241059(Ver S)or later |
Sub-Firmware | 1.13 or earlier | 1.15 or later | |
bizhub 4000i | Main-Firmware | 1.28 or earlier | 1.29 or later |
Sub-Firmware | 1.13 or earlier | 1.15 or later | |
bizhub 3080MF | Controller firmware | N2403271808 or earlier | P2412101158 or later |
bizhub 3000MF | Controller firmware | M2403271743 or earlier | N2412101132 or later |
Remediations
2.1 Firmware update The above vulnerabilities are remediated by applying a firmware upgrade to the affected devices. To enable the swiftest remediation for customers the firmware has been made available for customers to download and apply to affected devices.
2.2 Password updating As an additional mitigation we recommend that if the default administrator password has not yet been changed it is updated to a complex and unique password immediately after the firmware upgrade. For further information on how to do this, user manuals can be found
Vulnerability Specific Recommendations
Ref. ID | Mitigations |
CVE-2017-9765 | Disable WSD feature. |
CVE-2024-2169 | Disable TFTP. |
CVE-2024-51977 | Upgrade to the latest firmware. (There is no workaround available.) |
CVE-2024-51978 | Change the administrator password from the default value. |
CVE-2024-51979 | Change the administrator password from the default value. |
CVE-2024-51980 | Disable WSD feature. |
CVE-2024-51981 | Disable WSD feature. |
CVE-2024-51983 | Disable WSD feature. |
CVE-2024-51984 | Disable WSD feature. |
Firmware update procedure
Important Note Before proceeding, please verify the sub firmware version of your device. If the sub firmware is identified as b.X (for example, b.12), the downloadable firmware update should not be installed. In such cases, please contact your Konica Minolta service representative for further assistance.
General Security Recommendations
To ensure a secure operating posture for your multifunction devices, and to reduce exposure to the vulnerabilities described in this advisory, Konica Minolta strongly recommends applying the following configuration best practices: