CVE-2024-12782
Published: Dec 19, 2024
Modified: Feb 28, 2025
CVSS v3.1
7.3
Description
A vulnerability has been found in Fujifilm Business Innovation Apeos C3070, Apeos C5570 and Apeos C6580 up to 24.8.28 and classified as critical. This vulnerability affects unknown code of the file /home/index.html#hashHome of the component Web Interface. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains that "during technical verification it is not possible to reproduce any active actions like reboots which were mentioned in the original researcher disclosure."
| Vendor | Product | Versions |
|---|---|---|
Fujifilm Business Innovation | Apeos C3070 | affected 22.1.0affected 22.1.1affected 22.1.2affected 22.1.3affected 22.1.4+111 more versions |
Fujifilm Business Innovation | Apeos C5570 | affected 22.1.0affected 22.1.1affected 22.1.2affected 22.1.3affected 22.1.4+111 more versions |
Fujifilm Business Innovation | Apeos C6580 | affected 22.1.0affected 22.1.1affected 22.1.2affected 22.1.3affected 22.1.4+111 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now