← Back

Docucentre Vii C4473 Firmware

docucentre-vii_c4473_firmware

Vendor: Fujifilm • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-26320
3Canon
FujifilmRambus
92Apeos C3070 Firmware
Apeos C3070 G FirmwareApeos C325 Dw Firmware+89 more
Nov 21, 2024
Mar 14, 2022
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many othe...Show more
The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate.Show less
CVE-2021-43774
1Fujifilm
160Apeosport Iv 2060 Firmware
Apeosport Iv 3060 FirmwareApeosport Iv 3065 Firmware+157 more
Nov 21, 2024
Mar 3, 2022
N/A· v4
4.9 MEDIUM· v3
3.5 LOW· v2
A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer (e.g., by using the default credentials) can download...Show more
A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer (e.g., by using the default credentials) can download the address book file, which contains the list of users (domain users, FTP users, etc.) stored on the printer, together with their encrypted passwords. The passwords are protected by a weak cipher, such as ROT13, which requires minimal effort to instantly retrieve the original password, giving the attacker a list of valid domain or FTP usernames and passwords.Show less