CVE-2021-20872 - Vulnerability Details

Protection mechanism failure vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, bizhub 4752/4052 GC9-X4 and earlier) allows a physical attacker to bypass the firmware integrity verification and to install malicious firmware.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00139.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

KONICA MINOLTA, INC.

bizhub series

affected

Version	Status	Constraints
bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C3851FS/C385 ...[truncated*]	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c759_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c759:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c659_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c659:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c658_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c658:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c558_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c558:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c458_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c458:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_958_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_958:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_808_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_808:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_758_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_758:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_658e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_658e:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_558e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_558e:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_458e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_458e:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c287_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c287:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c227_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c227:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_287_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_287:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_227_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_227:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_368e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_368e:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_308e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_308e:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c368_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c368:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c308_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c308:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c258_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c258:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_558_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_558:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_458_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_458:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_368_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_368:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_308_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_308:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c754e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c754e:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c654e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c654e:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_754e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_754e:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_654e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_654e:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c554e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c554e:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c454e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c454e:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c364e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c364e:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c284e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c284e:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c224e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c224e:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_554e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_554e:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_454e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_454e:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_364e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_364e:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_284e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_284e:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_224e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_224e:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c754_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c754:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c654_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c654:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c554_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c554:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c454_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c454:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c364_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c364:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c284_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c284:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c224_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c224:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_754_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_754:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_654_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_654:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c3851fs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c3851fs:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c3851_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c3851:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_c3351_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_c3351:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_4752_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_4752:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:konicaminolta:bizhub_4052_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:konicaminolta:bizhub_4052:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Konicaminolta Subscribe	Bizhub 224e Subscribe Bizhub 224e Firmware Subscribe Bizhub 227 Subscribe Bizhub 227 Firmware Subscribe Bizhub 284e Subscribe Bizhub 284e Firmware Subscribe Bizhub 287 Subscribe Bizhub 287 Firmware Subscribe Bizhub 308 Subscribe Bizhub 308 Firmware Subscribe Bizhub 308e Subscribe Bizhub 308e Firmware Subscribe Bizhub 364e Subscribe Bizhub 364e Firmware Subscribe Bizhub 368 Subscribe Bizhub 368 Firmware Subscribe Bizhub 368e Subscribe Bizhub 368e Firmware Subscribe Bizhub 4052 Subscribe Bizhub 4052 Firmware Subscribe Bizhub 454e Subscribe Bizhub 454e Firmware Subscribe Bizhub 458 Subscribe Bizhub 458 Firmware Subscribe Bizhub 458e Subscribe Bizhub 458e Firmware Subscribe Bizhub 4752 Subscribe Bizhub 4752 Firmware Subscribe Bizhub 554e Subscribe Bizhub 554e Firmware Subscribe Bizhub 558 Subscribe Bizhub 558 Firmware Subscribe Bizhub 558e Subscribe Bizhub 558e Firmware Subscribe Bizhub 654 Subscribe Bizhub 654 Firmware Subscribe Bizhub 654e Subscribe Bizhub 654e Firmware Subscribe Bizhub 658e Subscribe Bizhub 658e Firmware Subscribe Bizhub 754 Subscribe Bizhub 754 Firmware Subscribe Bizhub 754e Subscribe Bizhub 754e Firmware Subscribe Bizhub 758 Subscribe Bizhub 758 Firmware Subscribe Bizhub 808 Subscribe Bizhub 808 Firmware Subscribe Bizhub 958 Subscribe Bizhub 958 Firmware Subscribe Bizhub C224 Subscribe Bizhub C224 Firmware Subscribe Bizhub C224e Subscribe Bizhub C224e Firmware Subscribe Bizhub C227 Subscribe Bizhub C227 Firmware Subscribe Bizhub C258 Subscribe Bizhub C258 Firmware Subscribe Bizhub C284 Subscribe Bizhub C284 Firmware Subscribe Bizhub C284e Subscribe Bizhub C284e Firmware Subscribe Bizhub C287 Subscribe Bizhub C287 Firmware Subscribe Bizhub C308 Subscribe Bizhub C308 Firmware Subscribe Bizhub C3351 Subscribe Bizhub C3351 Firmware Subscribe Bizhub C364 Subscribe Bizhub C364 Firmware Subscribe Bizhub C364e Subscribe Bizhub C364e Firmware Subscribe Bizhub C368 Subscribe Bizhub C368 Firmware Subscribe Bizhub C3851 Subscribe Bizhub C3851 Firmware Subscribe Bizhub C3851fs Subscribe Bizhub C3851fs Firmware Subscribe Bizhub C454 Subscribe Bizhub C454 Firmware Subscribe Bizhub C454e Subscribe Bizhub C454e Firmware Subscribe Bizhub C458 Subscribe Bizhub C458 Firmware Subscribe Bizhub C554 Subscribe Bizhub C554 Firmware Subscribe Bizhub C554e Subscribe Bizhub C554e Firmware Subscribe Bizhub C558 Subscribe Bizhub C558 Firmware Subscribe Bizhub C654 Subscribe Bizhub C654 Firmware Subscribe Bizhub C654e Subscribe Bizhub C654e Firmware Subscribe Bizhub C658 Subscribe Bizhub C658 Firmware Subscribe Bizhub C659 Subscribe Bizhub C659 Firmware Subscribe Bizhub C754 Subscribe Bizhub C754 Firmware Subscribe Bizhub C754e Subscribe Bizhub C754e Firmware Subscribe Bizhub C759 Subscribe Bizhub C759 Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2021-8281	Protection mechanism failure vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, bizhub 4752/4052 GC9-X4 and earlier) allows a physical attacker to bypass the firmware integrity verification and to install malicious firmware.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU95192472/index.html
https://jvn.jp/vu/JVNVU95192472/index.html
https://www.konicaminolta.com/global/newsroom/topics/2021/1224-01-01.html
https://www.konicaminolta.jp/business/support/important/211224_01_01.html

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2022-01-04T03:05:27

Updated: 2024-08-03T17:53:23.090Z

Reserved: 2020-12-17T00:00:00

Link: CVE-2021-20872

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-01-04T04:15:07.457

Modified: 2024-11-21T05:47:19.457

Link: CVE-2021-20872

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-Other

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object