Vulnerabilities > Fujifilm

DATE CVE VULNERABILITY TITLE RISK
2023-11-02 CVE-2023-46327 Improper Authentication vulnerability in multiple products
Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp.
network
high complexity
xerox fujifilm CWE-287
5.9
2023-07-11 CVE-2023-29984 NULL Pointer Dereference vulnerability in multiple products
Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3.
network
low complexity
fujifilm toshibatec brother CWE-476
7.5
2023-02-13 CVE-2022-43460 Insufficiently Protected Credentials vulnerability in Fujifilm Driver Distributor 2.2.3.1
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format.
network
low complexity
fujifilm CWE-522
7.5
2022-03-14 CVE-2022-26320 Use of Insufficiently Random Values vulnerability in multiple products
The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method.
network
low complexity
rambus fujifilm canon CWE-330
critical
9.1
2022-03-03 CVE-2021-43774 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Fujifilm products
A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices.
network
low complexity
fujifilm CWE-327
4.9
2019-04-30 CVE-2019-10950 Missing Authentication for Critical Function vulnerability in Fujifilm products
Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements.
network
low complexity
fujifilm CWE-306
critical
9.8
2019-04-30 CVE-2019-10948 Resource Exhaustion vulnerability in Fujifilm products
Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X are susceptible to a denial-of-service condition as a result of an overflow of TCP packets, which requires the device to be manually rebooted.
network
low complexity
fujifilm CWE-400
7.5
2017-09-01 CVE-2017-10850 Untrusted Search Path vulnerability in Fujifilm Apeosport-Vi and Docucentre-Vi
Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
fujifilm CWE-426
7.8