Skip to main content

Security Vulnerability in UTAX Device Manager

I. Vulnerability summary

Product:

UTAX Device Manager

Description:

CVE-2023-50916: A security vulnerability has been discovered in the “UTAX Device Manager” – a management tool that allows network administrators to centrally monitor devices such as MFPs and printers on the network. 

The vulnerability allows a malicious attacker to tamper with a network shared folder path in a configuration that specifies a local folder path to back up the “UTAX Device Manager” database. This may enable you to obtain user authentication information. 

However, an attacker must enter the same environment as the network on which “UTAX Device Manager” is running. In addition, knowing the credentials is a prerequisite and the risk of occurrence is considered low. 

Impact on our products:

As of the date of publication of this notice, we have not confirmed any attacks that take advantage of this vulnerability. 

II. Solution

As a countermeasure, we provide a new version of the “UTAX Device Manager” that addresses the security vulnerability (version 3.1.1213.0). Please install the latest driver.