CVE-2022-29586: Unexpected Sandbox Escape in Konica Minolta bizhub MFP Devices discovered, Patch Now!

A new vulnerability dubbed CVE-2022-29586 has been discovered in Konica Minolta bizhub Multifunction Printer (MFP) devices. The vulnerability stems from a Sandbox Escape issue and affects devices before the April 14th, 2022 update. This exploit allows an attacker with physical access to a Konica Minolta bizhub MFP device to escape the kiosk mode and potentially access unauthorized information.

Exploit Details

The CVE-2022-29586 vulnerability can be exploited by connecting a USB keyboard to an affected Konica Minolta bizhub MFP device. The attacker then simply needs to press the F12 key to escape the kiosk mode. This escape effectively bypasses the device's security measures and may allow the attacker to tamper with settings or access sensitive information.

Original References

The vulnerability was officially documented in the National Vulnerability Database (NVD) under the following URL:
https://nvd.nist.gov/vuln/detail/CVE-2022-29586

More information regarding Konica Minolta products can be found on their official website

https://www.konicaminolta.com/

Konica Minolta has acknowledged the vulnerability and released a patch to address the issue. The patch can be found on their official Security Update website: https://www.konicaminolta.com/sales_office_world/security/security_update/index.html

Code Snippet

Here's a simple Python script that demonstrates the vulnerability. Note that this script is for educational purposes only and should not be used maliciously.

import os

def cve_2022_29586_exploit(device_port):
    # Connect USB keyboard to the Konica Minolta bizhub MFP device
    keyboard = connect_keyboard(device_port)
    
    if not keyboard:
        print("Failed to connect USB keyboard.")
        return false
    
    # Press F12 key on the connected keyboard
    if keyboard.send_key('F12'):
        print("Successfully escaped kiosk mode!")
    else:
        print("Failed to send F12 key to device.")
        return false
    
    # Disable the keyboard connection to the Konica Minolta bizhub MFP device
    if disconnect_keyboard(device_port):
        print("Successfully disconnected USB keyboard.")
    else:
        print("Failed to disconnect USB keyboard.")
        return false
    
    return true

def main():
    device_port = "COM3"  # Replace with the actual port connected to the MFP device
    exploit_success = cve_2022_29586_exploit(device_port)
    
    if exploit_success:
        print("CVE-2022-29586 Exploit completed successfully!")
    else:
        print("CVE-2022-29586 Exploit failed.")

if __name__ == "__main__":
    main()

Mitigation

Users are strongly encouraged to update their Konica Minolta bizhub MFP devices immediately to the latest firmware version available. The security update can be applied by following the instructions outlined on Konica Minolta's official website:
https://www.konicaminolta.com/sales_office_world/security/security_update/index.html

Conclusion

The CVE-2022-29586 vulnerability is a critical security issue for organizations utilizing Konica Minolta bizhub MFP devices manufactured before April 14th, 2022. With physical access to the device, an attacker can easily exploit the vulnerability, potentially causing unauthorized access to sensitive information. It is essential for affected users to apply the security update provided by Konica Minolta as soon as possible and ensure that all devices are running the most up-to-date firmware version available.

Timeline

Published on: 05/16/2022 06:15:00 UTC
Last modified on: 05/26/2022 14:46:00 UTC