Vulnerabilities (CVE)

Filtered by vendor Fujifilm Subscribe
Filtered by product Apeos C4570 Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-26320 3 Canon, Fujifilm, Rambus 181 Imageprograf Firmware, Imagerunner Firmware, Apeos C3070 and 178 more 2024-10-07 6.4 MEDIUM 9.1 CRITICAL
The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate.
CVE-2023-46327 2 Fujifilm, Xerox 186 Apeos 2560, Apeos 2560 Firmware, Apeos 2560 Gk and 183 more 2024-02-28 N/A 5.9 MEDIUM
Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient. With the knowledge of the encryption process and the encryption key, the information such as the server credentials may be obtained from the exported Address Book data. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].