Null Pointer Dereference in Multiple MFPs and Printers by Various Vendors
CVE-2023-29984

7.5HIGH

Key Information:

Vendor: Fujifilm
Status: Docuprint M265 Z Firmware
Vendor: CVE Published:; 11 July 2023

What is CVE-2023-29984?

A null pointer dereference vulnerability has been identified in multiple vendors' multifunction printers (MFPs) and printers that utilize Debut web server versions 1.2 and 1.3. This vulnerability can be exploited by sending specially crafted requests, potentially leading to a denial-of-service (DoS) condition. Users and organizations using affected products are advised to follow vendor guidance to mitigate risks.

References

https://jvn.jp/en/vu/JVNVU93767756/index.html

https://www.fujifilm.com/fbglobal/eng/company/news/notice...

https://support.brother.com/g/b/faqend.aspx?c=us&lang=en&...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 11, 2023
Vulnerability Reserved
Apr 7, 2023

Fujifilm

What is CVE-2023-29984?

References

CVSS V3.1

Timeline