Safety-relevant information:
Impact of the CVE-2023-50916 vulnerability on our products
I. Vulnerability summary
Product:
TA/UTAX Device Manager
Description:
CVE-2023-50916: A security vulnerability has been discovered in the “TA/UTAX Device Manager” – a management tool that allows network administrators to centrally monitor devices such as MFPs and printers on the network.
The vulnerability allows a malicious attacker to tamper with a network shared folder path in a configuration that specifies a local folder path to back up the “TA/UTAX Device Manager” database. This may enable you to obtain user authentication information.
However, an attacker must enter the same environment as the network on which “TA/UTAX Device Manager” is running. In addition, knowing the credentials is a prerequisite and the risk of occurrence is considered low.
Impact on our products:
As of the date of publication of this notice, we have not confirmed any attacks that take advantage of this vulnerability.
TA/UTAX Device Manager
Description:
CVE-2023-50916: A security vulnerability has been discovered in the “TA/UTAX Device Manager” – a management tool that allows network administrators to centrally monitor devices such as MFPs and printers on the network.
The vulnerability allows a malicious attacker to tamper with a network shared folder path in a configuration that specifies a local folder path to back up the “TA/UTAX Device Manager” database. This may enable you to obtain user authentication information.
However, an attacker must enter the same environment as the network on which “TA/UTAX Device Manager” is running. In addition, knowing the credentials is a prerequisite and the risk of occurrence is considered low.
Impact on our products:
As of the date of publication of this notice, we have not confirmed any attacks that take advantage of this vulnerability.
II. Solution
As a countermeasure, we provide a new version of the “TA/UTAX Device Manager” that addresses the security vulnerability (version 3.1.1213.0). Please install the latest driver.