Path Traversal Bug Besets Popular Kyocera Office Printers

A newly published path traversal vulnerability could enable account takeover, data theft, and follow-on attacks at organizations using Kyocera printers and other multifunction devices.
Kyocera is a Japanese electronics manufacturer known for its multifunction printers.
As of 2021 it possessed around 7.8% of the global market share for printers in general, according to data from Statista.
On Dec. 22, the company acknowledged a vulnerability affecting its Device Manager Web application, which IT administrators use to manage one or more Kyocera office devices.
In a blog post published on Jan. 8, researchers from Trustwave Spiderlabs filled in the gaps for the bug they've labeled CVE-2023-50916.
CVE-2023-50916 allows an attacker to funnel Device Manager authentication attempts towards their own malicious server.
It has not yet been exploited in the wild, published by MITRE, or scored by the National Vulnerability Database.
Kyocera did not immediately respond to a request for comment from Dark Reading.
The issue underlying CVE-2023-50916 has to do with a minor function of the Kyocera Device Manager that lets admins configure the backup location of a database used by the app.
Naturally, the app expects to point to a local path - a directory on the local system.
With a Web interception proxy, or simply by sending the request to the application endpoint, an attacker can coerce it into accepting a UNC path instead. An attacker who's set up their own server can intercept the app's attempt at authentication, gaining access to the credentials associated with the higher, service-level process handling all of the Device Manager functionality.
Then they can pivot and move laterally through a network.
The issue is mitigated, in part, by the implicit need for an attacker to already have access to a company's network before attempting the interception.
For that reason, Sigler highlights the need for companies to properly segment their IT environments.


This Cyber News was published on www.darkreading.com. Publication date: Tue, 09 Jan 2024 21:25:26 +0000