| Summary | Protection mechanism failure vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, bizhub 4752/4052 GC9-X4 and earlier) allows a physical attacker to bypass the firmware integrity verification and to install malicious firmware. |
|---|---|
| Publication Date | Jan. 4, 2022, 1:15 p.m. |
| Registration Date | Jan. 4, 2022, 4 p.m. |
| Last Update | Nov. 21, 2024, 2:47 p.m. |
| CVSS3.1 : MEDIUM | |
| スコア | 6.8 |
|---|---|
| Vector | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 攻撃元区分(AV) | 物理 |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃に必要な特権レベル(PR) | 不要 |
| 利用者の関与(UI) | 不要 |
| 影響の想定範囲(S) | 変更なし |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | 高 |
| CVSS2.0 : MEDIUM | |
| Score | 4.6 |
|---|---|
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| 攻撃元区分(AV) | ローカル |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃前の認証要否(Au) | 不要 |
| 機密性への影響(C) | 低 |
| 完全性への影響(I) | 低 |
| 可用性への影響(A) | 低 |
| Get all privileges. | いいえ |
| Get user privileges | いいえ |
| Get other privileges | いいえ |
| User operation required | いいえ |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c759_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c759:-:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c659_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c659:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c658_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c658:-:*:*:*:*:*:*:* | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c558_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c558:-:*:*:*:*:*:*:* | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c458_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c458:-:*:*:*:*:*:*:* | ||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_958_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_958:-:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_808_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_808:-:*:*:*:*:*:*:* | ||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_758_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_758:-:*:*:*:*:*:*:* | ||||
| Configuration9 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_658e_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_658e:-:*:*:*:*:*:*:* | ||||
| Configuration10 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_558e_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_558e:-:*:*:*:*:*:*:* | ||||
| Configuration11 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_458e_firmware:*:*:*:*:*:*:*:* | gca-y1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_458e:-:*:*:*:*:*:*:* | ||||
| Configuration12 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c287_firmware:*:*:*:*:*:*:*:* | gca-y0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c287:-:*:*:*:*:*:*:* | ||||
| Configuration13 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c227_firmware:*:*:*:*:*:*:*:* | gca-y0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c227:-:*:*:*:*:*:*:* | ||||
| Configuration14 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_287_firmware:*:*:*:*:*:*:*:* | gca-y0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_287:-:*:*:*:*:*:*:* | ||||
| Configuration15 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_227_firmware:*:*:*:*:*:*:*:* | gca-y0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_227:-:*:*:*:*:*:*:* | ||||
| Configuration16 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_368e_firmware:*:*:*:*:*:*:*:* | gca-x8 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_368e:-:*:*:*:*:*:*:* | ||||
| Configuration17 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_308e_firmware:*:*:*:*:*:*:*:* | gca-x8 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_308e:-:*:*:*:*:*:*:* | ||||
| Configuration18 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c368_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c368:-:*:*:*:*:*:*:* | ||||
| Configuration19 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c308_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c308:-:*:*:*:*:*:*:* | ||||
| Configuration20 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c258_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c258:-:*:*:*:*:*:*:* | ||||
| Configuration21 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_558_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_558:-:*:*:*:*:*:*:* | ||||
| Configuration22 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_458_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_458:-:*:*:*:*:*:*:* | ||||
| Configuration23 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_368_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_368:-:*:*:*:*:*:*:* | ||||
| Configuration24 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_308_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_308:-:*:*:*:*:*:*:* | ||||
| Configuration25 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c754e_firmware:*:*:*:*:*:*:*:* | gdr-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c754e:-:*:*:*:*:*:*:* | ||||
| Configuration26 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c654e_firmware:*:*:*:*:*:*:*:* | gdr-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c654e:-:*:*:*:*:*:*:* | ||||
| Configuration27 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_754e_firmware:*:*:*:*:*:*:*:* | gdr-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_754e:-:*:*:*:*:*:*:* | ||||
| Configuration28 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_654e_firmware:*:*:*:*:*:*:*:* | gdr-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_654e:-:*:*:*:*:*:*:* | ||||
| Configuration29 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c554e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c554e:-:*:*:*:*:*:*:* | ||||
| Configuration30 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c454e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c454e:-:*:*:*:*:*:*:* | ||||
| Configuration31 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c364e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c364e:-:*:*:*:*:*:*:* | ||||
| Configuration32 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c284e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c284e:-:*:*:*:*:*:*:* | ||||
| Configuration33 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c224e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c224e:-:*:*:*:*:*:*:* | ||||
| Configuration34 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_554e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_554e:-:*:*:*:*:*:*:* | ||||
| Configuration35 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_454e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_454e:-:*:*:*:*:*:*:* | ||||
| Configuration36 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_364e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_364e:-:*:*:*:*:*:*:* | ||||
| Configuration37 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_284e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_284e:-:*:*:*:*:*:*:* | ||||
| Configuration38 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_224e_firmware:*:*:*:*:*:*:*:* | gdr-m1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_224e:-:*:*:*:*:*:*:* | ||||
| Configuration39 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c754_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c754:-:*:*:*:*:*:*:* | ||||
| Configuration40 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c654_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c654:-:*:*:*:*:*:*:* | ||||
| Configuration41 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c554_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c554:-:*:*:*:*:*:*:* | ||||
| Configuration42 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c454_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c454:-:*:*:*:*:*:*:* | ||||
| Configuration43 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c364_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c364:-:*:*:*:*:*:*:* | ||||
| Configuration44 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c284_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c284:-:*:*:*:*:*:*:* | ||||
| Configuration45 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c224_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c224:-:*:*:*:*:*:*:* | ||||
| Configuration46 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_754_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_754:-:*:*:*:*:*:*:* | ||||
| Configuration47 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_654_firmware:*:*:*:*:*:*:*:* | gr4-m0 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_654:-:*:*:*:*:*:*:* | ||||
| Configuration48 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c3851fs_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c3851fs:-:*:*:*:*:*:*:* | ||||
| Configuration49 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c3851_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c3851:-:*:*:*:*:*:*:* | ||||
| Configuration50 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_c3351_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_c3351:-:*:*:*:*:*:*:* | ||||
| Configuration51 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_4752_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_4752:-:*:*:*:*:*:*:* | ||||
| Configuration52 | or higher | or less | more than | less than | |
| cpe:2.3:o:konicaminolta:bizhub_4052_firmware:*:*:*:*:*:*:*:* | gca-x4 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:konicaminolta:bizhub_4052:-:*:*:*:*:*:*:* | ||||