Konica Minolta Bizhub Series Web Connection Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in multiple products within the Konica Minolta bizhub series. This issue arises when a malformed file is imported as an S/MIME email certificate, potentially causing the Web Connection feature to become unresponsive. A wide range of products and versions are affected by this vulnerability.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the Web Connection feature to become unresponsive.

Remediation

Users are advised to update the firmware of their devices. According to Konica Minolta, the fixed firmware will be deployed incrementally, either via remote delivery or through on-site service by an authorized representative. Additionally, Konica Minolta recommends applying certain workarounds, such as restricting address book modifications by non-administrative users and changing the default administrator password to a more secure option.