Security Experts:

Connect with us

Hi, what are you looking for?


IoT Security

Hundreds of Thousands of Konica Printers Vulnerable to Hacking via ​​Physical Access

Researchers at Atos-owned cybersecurity consulting firm SEC Consult analyzed Konica Minolta printers to determine what could be achieved by an attacker who has physical access to a device. The answer: a lot!

Researchers at Atos-owned cybersecurity consulting firm SEC Consult analyzed Konica Minolta printers to determine what could be achieved by an attacker who has physical access to a device. The answer: a lot!

The analysis was conducted in late 2019 and it targeted Konica Minolta bizhub C3300i and C3350i multi-function printers (MFPs).

Konica Minolta printer hack

SEC Consult said the vendor was responsive and produced firmware and operating system patches in early 2020, but details are only being disclosed now because the COVID-19 pandemic prevented the delivery of the fixes to devices. While a remote firmware update mechanism is being rolled out, the patches in many cases need to be manually installed by a service technician.

SEC Consult found that an attacker who has physical access to the targeted device’s touchscreen terminal could escape the sandbox and gain root access to the underlying operating system.

The analysis resulted in the discovery of three vulnerabilities. One of them, tracked as CVE-2022-29586, allows an attacker who can connect an external USB keyboard to the printer to escape the regular user interface displayed in the terminal. The researchers found that some sections of the interface were actually a Chromium browser running in “kiosk mode,” which could be escaped by pressing the F12 key, which opens up the developer console.

Since this Chromium instance was running with root privileges — this issue has been assigned ​​CVE-2022-29587 — an attacker could gain elevated permissions and abuse the developer console to read and write arbitrary files to the system. The files that could be accessed included files that stored administrator passwords in clear text (CVE-2022-29588).

SEC Consult showed that an attacker could have tampered with the touchscreen to display a website controlled by the attacker instead of the regular user interface. This could have been used to display fake login screens to phish domain credentials, or to automatically send a copy of printed or scanned files to a remote server controlled by the attacker.

Konica Minolta printer hack

The Japanese tech giant’s investigation showed that the vulnerabilities impact 46 bizhub MFP models, as well as rebranded products offered by multiple unnamed companies. SEC Consult estimates that hundreds of thousands of printers around the world are affected — or at least they were affected at one point before patches were deployed. A list of impacted models is available in an advisory published on Thursday by SEC Consult.

In addition to providing patches, Konica Minolta recommends some mitigations, such as disabling the use of external USB keyboards. Another mitigating factor, as pointed out by SEC Consult, is that “Public User Access” needs to be enabled on the printer for the attack to be possible.

Related: Serious Vulnerability Exploited at Hacking Contest Impacts Over 200 HP Printers

Related: Xerox Quietly Patched Device-Bricking Flaw Affecting Some Printers

Related: Critical Vulnerability Found in More Than 150 HP Printer Models

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.