Man-in-the-Middle Vulnerability in kantan netprint App for iOS
CVE-2020-5521

7.4HIGH

Key Information:

Vendor: Fuji Xerox Co.,ltd.
Status: Kantan Netprint App For iOS
Vendor: CVE Published:; 27 January 2020

🔔 Create Fuji Xerox Co.,ltd. Vulnerability Alert

What is CVE-2020-5521?

The kantan netprint application for iOS, specifically versions up to 2.0.2, is susceptible to exploitation due to a lack of X.509 certificate verification. This vulnerability enables potential attackers to perform man-in-the-middle attacks, allowing them to impersonate servers and intercept sensitive information by utilizing a maliciously crafted certificate. Users of the app should be aware of this security weakness and consider updating to versions that address this critical flaw.

Affected Version(s)

kantan netprint App for iOS 2.0.2 and earlier

References

https://www.printing.ne.jp/support/information/AppVulnera...

x_refsource_MISC

http://jvn.jp/en/jp/JVN66435380/index.html

x_refsource_MISC

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2020
Vulnerability Reserved
Jan 6, 2020