Notification on the vulnerabilities for Web Based Management embedded in FUJIFILM printers
March 6th, 2024
Dear Customers,
Thank you for your continuous support towards FUJIFILM products.
We regret to inform you that two potential vulnerabilities were found in the Web Based Management function embedded in the FUJIFILM printers listed in the table below.
We recommend that customers check whether their printer appears in the list and is affected by these vulnerabilities. If so, please consider upgrading the device to the fixed firmware and performing the operation described below.
Affected models and the versions of fixed firmware
The models listed below are affected by these vulnerabilities.
The firmware versions listed below fix these vulnerabilities.
The “Operation type” column shows the operation that must be performed to apply the countermeasure. Please refer to the “Operation Type” sections below.
Product name | Fixed firmware versions (Main ver. / Sub ver.) | Operation type | Note |
---|---|---|---|
DocuPrint P378 d | Ver.1.21 / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint P375 d | Ver.1.21 / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint P375 dw | Ver.1.21 / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint P378 dw | Ver.1.21 / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint P385 dw | Ver.1.19 / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint P388 dw | Ver.1.19 / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint M378 d | Ver.K / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint M375 df | Ver.K / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint M378 df | Ver.K / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint M375 z | Ver.K / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint M385 z | Ver.L / Ver.1.05 | A | CSRF vulnerability only |
DocuPrint P235 d | Ver.1.15 | B | |
DocuPrint P275 dw | Ver.1.15 | B | |
DocuPrint P285 dw | Ver.1.15 | B | |
DocuPrint P288 dw | Ver.1.15 | B | |
DocuPrint M235 dw | Ver.K / Ver.1.04 | B | |
DocuPrint M235 z | Ver.K / Ver.1.04 | B | |
DocuPrint M275 z | Ver.L / Ver.1.04 | B | |
DocuPrint M285 z | Ver.L / Ver.1.04 | B | |
DocuPrint M288 dw | Ver.E / Ver.1.04 | B | |
DocuPrint M288 z | Ver.E / Ver.1.04 | B | |
DocuPrint P225 d | Ver.1.18 / Ver.1.07 | C | |
DocuPrint P268 d | Ver.1.22 / Ver.1.07 | C | |
DocuPrint P268 dw | Ver.1.22 / Ver.1.07 | C | |
DocuPrint P265 dw | Ver.1.22 / Ver.1.07 | C | |
DocuPrint M268 dw | Ver.M / Ver.1.07 | C | |
DocuPrint M268 z | Ver.M / Ver.1.07 | C | |
DocuPrint M225 dw | Ver.P / Ver.1.07 | C | |
DocuPrint M225 z | Ver.P / Ver.1.07 | C | |
DocuPrint M265 z | Ver.P / Ver.1.07 | C | |
DocuPrint P118 w | Ver.1.12 | D | |
DocuPrint P115 w | Ver.1.12 | D | |
DocuPrint M118 w | Ver.M | C | |
DocuPrint M118 z | Ver.M | C | |
DocuPrint M115 w | Ver.M | C | |
DocuPrint M115 fw | Ver.M | C | |
DocuPrint M115 z | Ver.M | C | |
Details of vulnerability
Web Based Management is embedded in the above models and makes it possible to operate the devices or change their configuration via a web browser.
- Improper Authentication
By using a cookie-theft attack, an attacker may be able to gain unauthorized access to the Web Based Management function and view or change settings and information stored in the device.
- Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) is an attack that forces a user to execute unwanted actions on a web application in which they are currently authenticated. In the Web Based Management function, an attacker exploiting the vulnerability may be able to view or change settings and information stored in the device.
Countermeasure
Please update the firmware to the fixed version. Links to the download pages are provided in the “Affected models and the versions of fixed firmware” table above.
Please perform the operation designated in the “Operation type” column for your model. The operations for Operation Types A, B, C and D are shown below.
Operation type A or B
- Update the firmware using the Firmware update tool.
- Wait for the device to restart and become ready.
Operation type C
- Update the firmware using the Firmware update tool.
- Wait for the device to restart and become ready.
- Enter the menu mode.
- Operate as follows: Menu > 6. Network > 4. Web Based Management > OFF*
* The item numbers may differ between models.
If you want to turn this function ON again, select “ON” at the Web Based Management item in the same menu.
Operation type D
On these devices the Web Based Management function is toggled between ON and OFF. The following operation sets it to OFF.
- Update the firmware using the Firmware update tool.
- Wait for the device to restart and become ready.
- Close the top cover and pull out the power plug.
- With the top cover closed, keep pressing the power button and put the power plug in. Confirm that all the LEDs turn on.
- While keeping the power button pressed, open the top cover and close it again. Confirm that the Error LED turns off.
- Release the power button and confirm that all the LEDs turn off.
- Press the power button five times, confirming that the power LED turns on each time you press it.
- Wait for one minute.
- Print the Print Settings Page and confirm that the Web Based Management item under Network Configuration is “Disabled.”
- If it is “Enabled,” go back to the third operation (closing the top cover and pulling out the power plug) in this list.
Workarounds
Until the firmware has been updated to the fixed version, we ask customers to apply the workarounds below. They reduce, but do not eliminate, the risk of attack.
- Use your multifunction or single-function printers only within a network protected by a firewall or similar.
- If access from the Internet is required, restrict access to specific source IP addresses or connect through a VPN.
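As an added illustration of the second workaround (not FUJIFILM guidance), the following nftables ruleset for a Linux gateway routing traffic to the printer restricts the web ports to an administrator subnet while leaving print protocols available to the office LAN. The printer address 192.0.2.10, the administrator subnet 192.0.2.0/28, the office LAN 192.0.2.0/24 and the port numbers (80/443 for Web Based Management, 631 and 9100 for printing) are assumptions for the example; check your own model's port usage before applying it.

```nftables
# Added example, not FUJIFILM guidance. Assumed addresses:
#   printer            192.0.2.10
#   administrator hosts 192.0.2.0/28
#   office LAN         192.0.2.0/24
table inet printer_guard {
  chain forward {
    type filter hook forward priority 0; policy accept;

    # Web Based Management (assumed on 80/443): reachable only from the
    # administrator subnet; every other source is counted and dropped.
    ip daddr 192.0.2.10 tcp dport { 80, 443 } ip saddr 192.0.2.0/28 accept
    ip daddr 192.0.2.10 tcp dport { 80, 443 } counter drop

    # Printing (assumed IPP 631 and raw 9100) stays open to the office LAN;
    # anything else addressed to the printer is dropped.
    ip daddr 192.0.2.10 tcp dport { 631, 9100 } ip saddr 192.0.2.0/24 accept
    ip daddr 192.0.2.10 counter drop
  }
}
```

The rules sit on the forward hook, so they only cover traffic that the gateway routes; hosts on the same layer-2 segment as the printer reach it directly and are not filtered. If administrators and the printer share a segment, enforce the same restriction on the switch or move the printer to its own VLAN. Load with `nft -f <file>` and confirm with `nft list table inet printer_guard`.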
Related Information
CVE-2024-21824: Improper Authentication (CWE-287)
CVE-2024-22475: Cross-Site Request Forgery (CWE-352)
Contact
Please visit the FUJIFILM Business Innovation support website for more details:
https://support-fb.fujifilm.com/