Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. An attacker must attach a keyboard to a USB port, press F12, and then escape from the kiosk mode.

Attack Vector Physical

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C
Vendors Products
Konicaminolta
  • Bizhub 458 Firmware
  • Bizhub C759 Firmware
  • Bizhub C308
  • Bizhub C3320i
  • Bizhub 306i Firmware
  • Bizhub 308
  • Bizhub Pro958
  • Bizhub C250i Firmware
  • Bizhub C300i
  • Bizhub C659 Firmware
  • Bizhub 227 Firmware
  • Bizhub C3351 Firmware
  • Bizhub C360i Firmware
  • Bizhub C300i Firmware
  • Bizhub C3300i Firmware
  • Bizhub C450i
  • Bizhub 226i Firmware
  • Bizhub C227
  • Bizhub 458
  • Bizhub 808
  • Bizhub C550i
  • Bizhub 658e Firmware
  • Bizhub C250i
  • Bizhub C558
  • Bizhub C368
  • Bizhub C308 Firmware
  • Bizhub 368e Firmware
  • Bizhub C287 Firmware
  • Bizhub 368
  • Bizhub C658 Firmware
  • Bizhub C650i
  • Bizhub 308 Firmware
  • Bizhub C287
  • Bizhub C3851fs Firmware
  • Bizhub C258 Firmware
  • Bizhub C3851
  • Bizhub C650i Firmware
  • Bizhub C258
  • Bizhub 226i
  • Bizhub C4050i
  • Bizhub 368 Firmware
  • Bizhub 558e Firmware
  • Bizhub C4000i
  • Bizhub C3350i
  • Bizhub C3351
  • Bizhub 758 Firmware
  • Bizhub C659
  • Bizhub C759
  • Bizhub 558 Firmware
  • Bizhub 306i
  • Bizhub C3300i
  • Bizhub C227 Firmware
  • Bizhub 308e
  • Bizhub 458e Firmware
  • Bizhub 368e
  • Bizhub 758
  • Bizhub 308e Firmware
  • Bizhub C458 Firmware
  • Bizhub C658
  • Bizhub 958 Firmware
  • Bizhub 658e
  • Bizhub 4752 Firmware
  • Bizhub 558
  • Bizhub 4052
  • Bizhub C450i Firmware
  • Bizhub C550i Firmware
  • Bizhub 958
  • Bizhub C3851 Firmware
  • Bizhub C458
  • Bizhub C3851fs
  • Bizhub 227
  • Bizhub C360i
  • Bizhub C558 Firmware
  • Bizhub 808 Firmware
  • Bizhub C3350i Firmware
  • Bizhub 287 Firmware
  • Bizhub 367 Firmware
  • Bizhub 4052 Firmware
  • Bizhub 4752
  • Bizhub 367
  • Bizhub C368 Firmware
  • Bizhub 558e
  • Bizhub 246i Firmware
  • Bizhub Pro958 Firmware
  • Bizhub 458e
  • Bizhub 246i
  • Bizhub C4000i Firmware
  • Bizhub 287
  • Bizhub C4050i Firmware
  • Bizhub C3320i Firmware

Configuration 1 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_226i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_226i:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_227_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_227:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_246i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_246i:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_287_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_287:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_306i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_306i:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_308_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_308:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_308e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_308e:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_367_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_367:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_368_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_368:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_368e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_368e:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_4052_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_4052:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_458_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_458:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_458e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_458e:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_4752_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_4752:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_558_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_558:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_558e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_558e:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_658e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_658e:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_758_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_758:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_808_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_808:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_958_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_958:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c227_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c227:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c250i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c250i:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c258_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c258:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c287_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c287:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c300i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c300i:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c308_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c308:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c3300i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c3300i:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c3320i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c3320i:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c3350i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c3350i:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c3351_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c3351:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c360i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c360i:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c368_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c368:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c3851_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c3851:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c3851fs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c3851fs:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c4000i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c4000i:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c4050i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c4050i:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c450i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c450i:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c458_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c458:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c550i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c550i:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c558_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c558:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c650i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c650i:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c658_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c658:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c659_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c659:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_c759_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_c759:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND
cpe:2.3:o:konicaminolta:bizhub_pro958_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:konicaminolta:bizhub_pro958:-:*:*:*:*:*:*:*
References
Link Resource
https://sec-consult.com/vulnerability-lab/ Third Party Advisory
https://sec-consult.com/vulnerability-lab/advisory/sandbox-escape-with-root-access-clear-text-passwords-in-konica-minolta-bizhub-mfp-printer-terminals/ Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-05-16T05:35:52

Updated: 2022-05-16T05:35:52

Reserved: 2022-04-22T00:00:00

Link: CVE-2022-29586

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-05-16T06:15:07.740

Modified: 2022-10-11T20:01:57.010

Link: CVE-2022-29586

JSON object: View

cve-icon Redhat Information

No data.

CWE