Main Vulnerability Database Vulnerabilities #VU75029

Exposure of Resource to Wrong Sphere in KYOCERA Mobile Print - CVE-2023-25954

Published: April 12, 2023

Vulnerability identifier: #VU75029

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-25954

CWE-ID: CWE-668

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
KYOCERA Mobile Print

Software vendor:
Kyocera Document Solutions

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to improper intent handling. A remote attacker can cause a malicious app on the victim's device to send an intent and direct the affected app to download malicious files or apps to the device without notification.

Remediation

Install updates from vendor's website.

External links

https://jvn.jp/en/vu/JVNVU98434809/index.html
https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-04-11.html

Exposure of Resource to Wrong Sphere in KYOCERA Mobile Print - CVE-2023-25954

Description

Remediation

External links

Please verify you're human