Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Multiple MFPs by Konica Minolta, Inc.

    CVE-2025-55704 (GCVE-0-2025-55704)

    Vulnerability from nvd – Published: 2026-01-29 02:41 – Updated: 2026-01-29 17:55
    VLAI
    Summary
    Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Brother Industries, Ltd. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Konica Minolta, Inc. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-55704",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T17:55:30.752261Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T17:55:42.308Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Multiple MFPs",
              "vendor": "Brother Industries, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            },
            {
              "product": "Multiple MFPs",
              "vendor": "Konica Minolta, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-912",
                  "description": "Hidden functionality",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T02:41:30.640Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://faq.brother.co.jp/app/answers/detail/a_id/13716"
            },
            {
              "url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU92878805/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-55704",
        "datePublished": "2026-01-29T02:41:30.640Z",
        "dateReserved": "2025-11-18T23:31:06.243Z",
        "dateUpdated": "2026-01-29T17:55:42.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-53869 (GCVE-0-2025-53869)

    Vulnerability from nvd – Published: 2026-01-29 02:40 – Updated: 2026-01-29 19:56
    VLAI
    Summary
    Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper certificate validation
    Assigner
    Impacted products
    Vendor Product Version
    Brother Industries, Ltd. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Konica Minolta, Inc. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Ricoh Company, Ltd. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53869",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T19:56:17.144679Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T19:56:34.917Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Multiple MFPs",
              "vendor": "Brother Industries, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            },
            {
              "product": "Multiple MFPs",
              "vendor": "Konica Minolta, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            },
            {
              "product": "Multiple MFPs",
              "vendor": "Ricoh Company, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "Improper certificate validation",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T02:40:57.255Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://faq.brother.co.jp/app/answers/detail/a_id/13716"
            },
            {
              "url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf"
            },
            {
              "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2026-000001"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU92878805/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-53869",
        "datePublished": "2026-01-29T02:40:57.255Z",
        "dateReserved": "2025-11-18T23:31:03.274Z",
        "dateUpdated": "2026-01-29T19:56:34.917Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-55704 (GCVE-0-2025-55704)

    Vulnerability from cvelistv5 – Published: 2026-01-29 02:41 – Updated: 2026-01-29 17:55
    VLAI
    Summary
    Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Brother Industries, Ltd. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Konica Minolta, Inc. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-55704",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T17:55:30.752261Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T17:55:42.308Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Multiple MFPs",
              "vendor": "Brother Industries, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            },
            {
              "product": "Multiple MFPs",
              "vendor": "Konica Minolta, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-912",
                  "description": "Hidden functionality",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T02:41:30.640Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://faq.brother.co.jp/app/answers/detail/a_id/13716"
            },
            {
              "url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU92878805/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-55704",
        "datePublished": "2026-01-29T02:41:30.640Z",
        "dateReserved": "2025-11-18T23:31:06.243Z",
        "dateUpdated": "2026-01-29T17:55:42.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-53869 (GCVE-0-2025-53869)

    Vulnerability from cvelistv5 – Published: 2026-01-29 02:40 – Updated: 2026-01-29 19:56
    VLAI
    Summary
    Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper certificate validation
    Assigner
    Impacted products
    Vendor Product Version
    Brother Industries, Ltd. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Konica Minolta, Inc. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Ricoh Company, Ltd. Multiple MFPs Affected: see the information provided by the vendor
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53869",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T19:56:17.144679Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T19:56:34.917Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Multiple MFPs",
              "vendor": "Brother Industries, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            },
            {
              "product": "Multiple MFPs",
              "vendor": "Konica Minolta, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            },
            {
              "product": "Multiple MFPs",
              "vendor": "Ricoh Company, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "see the information provided by the vendor"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "Improper certificate validation",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T02:40:57.255Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://faq.brother.co.jp/app/answers/detail/a_id/13716"
            },
            {
              "url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf"
            },
            {
              "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2026-000001"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU92878805/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-53869",
        "datePublished": "2026-01-29T02:40:57.255Z",
        "dateReserved": "2025-11-18T23:31:03.274Z",
        "dateUpdated": "2026-01-29T19:56:34.917Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }