Kyocera Device Manager Vulnerability Exposes Enterprise Credentials

Organizations have been warned of a vulnerability in Kyocera Device Manager that can be exploited to capture credentials and gain access to accounts and devices.
A web-based application, the Kyocera Device Manager is used for the management of multiple Kyocera printers and multifunction devices within an organization's environment, offering support for application deployment, setting up alerts, and more.
In December, Trustwave identified and reported an improper input validation flaw in the 'path' parameter of a Kyocera Device Manager function that handles requests to set the database backup location.
The issue, tracked as CVE-2023-50916, allows an attacker to bypass input restrictions and change the backup path parameter value to a network path under their control.
Although the application rejects certain characters in the path parameter, an attacker could use a web interception proxy to modify the request or could send the request directly to the application, which will then accept the UNC path.
Next, the Kyocera Device Manager will attempt to confirm access and to authenticate to the UNC path, allowing the attacker to capture or relay Active Directory hashed credentials, Trustwave explains in a technical writeup.
The electronics manufacturer pointed out that the issue can be exploited by an authenticated attacker with direct access to the same network as the Kyocera Device Manager.
The vendor patched the vulnerability in Kyocera Device Manager version 3.1.1213.0 by implementing a validation function to ignore any supplied invalid paths and apply the original valid path instead. Organizations are advised to update their instances as soon as possible, as successful exploitation of the bug could lead to a broad range of nefarious activities.
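The fix described above is a server-side check that discards an invalid path and keeps the existing one. The sketch below is an added example of that pattern, not Kyocera's code: the function names, the allowed drive letters and the sample paths (using the documentation address 192.0.2.10) are assumptions made for illustration.

```python
import ntpath
import re

# Absolute path on a drive letter, e.g. C:\backup ("C:relative" is not accepted).
_DRIVE_ROOTED = re.compile(r"^[A-Za-z]:\\")


def is_local_backup_path(path, allowed_drives=("C", "D")):
    """Return True only for an absolute path on an allowed local drive.

    allowed_drives is a hypothetical allowlist: a drive letter can be mapped
    to a network share, so only letters known to be local disks belong in it.
    """
    if not path or "\x00" in path:
        return False
    # Windows accepts both separators, so //host/share is also a UNC path.
    p = path.strip().replace("/", "\\")
    # Rejects \\host\share, \\?\UNC\host\share and \\.\device forms. Opening
    # a remote one makes the service authenticate to that host.
    if p.startswith("\\\\"):
        return False
    if not _DRIVE_ROOTED.match(p):
        return False
    return p[0].upper() in allowed_drives


def resolve_backup_path(supplied, current, allowed_drives=("C", "D")):
    """Apply the supplied path if valid, otherwise keep the current one.

    This runs on the server for every request, so it holds even when the
    request is sent directly and never passes through the web form.
    """
    if not is_local_backup_path(supplied, allowed_drives):
        return current
    return ntpath.normpath(supplied.strip().replace("/", "\\"))


if __name__ == "__main__":
    current = r"C:\kdm\db_backup"  # constructed sample value
    for candidate in (r"D:/backups/../kdm", r"\\192.0.2.10\share",
                      "//192.0.2.10/share", r"\\?\UNC\192.0.2.10\share",
                      r"Z:\backup", "C:relative", ""):
        print(repr(candidate), "->", resolve_backup_path(candidate, current))
```

Egress filtering of SMB from the management server to untrusted hosts remains a useful second control, since it does not depend on the application's own validation.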


This Cyber News was published on www.securityweek.com. Publication date: Wed, 10 Jan 2024 13:43:05 +0000

