CVE & CISA-KEV Catalog

CVE-2022-29586

HIGH
7.4
CVSS v3
NVD

Description

Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. An attacker must attach a keyboard to a USB port, press F12, and then escape from the kiosk mode.

How to fix

Remediation Available
bizhub 226i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 227 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 246i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 287 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 306i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 308 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 308e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 367 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 368 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 368e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 4052 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 458 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 458e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 4752 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 558 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 558e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 658e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 758 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 808 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub 958 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c227 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c250i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c258 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c287 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c300i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c308 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c3300i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c3320i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c3350i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c3351 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c360i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c368 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c3851 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c3851fs firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c4000i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c4050i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c450i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c458 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c550i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c558 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c650i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c658 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c659 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub c759 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD
bizhub pro958 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29586derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploit Intelligence

0.43%probability of exploitation in 30 days
35thpercentile

Low risk: more likely to be exploited than 35% of all known CVEs.

References

Third-Party Advisory2
Embed a live status badge for CVE-2022-29586
CVE-2022-29586 severity badge

Markdown

[![CVE-2022-29586](https://tridentstack.com/cve/badge/CVE-2022-29586.svg)](https://tridentstack.com/cve/CVE-2022-29586)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-29586"><img src="https://tridentstack.com/cve/badge/CVE-2022-29586.svg" alt="CVE-2022-29586"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.