Change language

Change country

Security Vulnerability in KYOCERA Device Manager

11/01/2024

A security vulnerability has been discovered in “KYOCERA Device Manager Manager” a management tool provided by Kyocera Document Solutions Inc. that allows network administrators to centrally monitor devices such as MFPs and printers on the network.

The following is an overview of the issue and how to resolve it. As of the date of publication of this notice, we have not confirmed any attacks that take advantage of this vulnerability.

【Vulnerability description 】

The vulnerability allows a malicious attacker to tamper with a network shared folder path in aconfiguration that specifies a local folder path to back up the “KYOCERA Device database. This may enable you to obtain user authentication information.

However, an attacker must enter the same environment as the network on which “KYOCERA Device Manager” is running. In addition, knowing the credentials is a prerequisite and the risk of occurrence is considered low.

Vulnerability number: CVE-2023-50916 (CWE-40

【Countermeasures 】

As a countermeasure, we provide a new "KYOCERA Device Manager" that addresses security vulnerability. Please install the latest driver.

*This has been addressed in the "KYOCERA Device Manager" (version 3.1.1213.0).

【Products affected by this vulnerability 】

For more information on how this vulnerability, please contact the Sales Company in the region where you purchased the equipment.

Cookies and your privacy

We use essential cookies to make interactions with our website easy and effective, statistical cookies for us to better understand how our website is used and marketing cookies to tailor advertising for you. You can select your cookie preferences using the 'Preferences' button below, or select 'I agree' to continue with all cookies.

Cookie preferences

Field is required

We use cookies to make sure that our website is working properly or, occasionally, to provide a service on your request (such as managing your cookie preferences). These cookies are always active unless you set your browser to block them, which may prevent some parts of the website from working as expected.

Field is required

These cookies allow us to measure and improve the performance of our website.

Field is required

These cookies are only placed in case you give your consent. We use Marketing cookies to follow how you click and visit our websites in order to show you content based on your interests and to show you personalised advertisement. Currently you do not accept these cookies. Please check this box if you would like to.