Subj : Kyocera Device Manager found to have serious security flaws
To   : All
From : TechnologyDaily
Date : Tue Jan 09 2024 15:15:05

Kyocera Device Manager found to have serious security flaws

Date: Tue, 09 Jan 2024 14:59:25 +0000
Description: Hackers could gain access to Kyocera user accounts and steal sensitive data, Trustwave claims.

FULL STORY
======================================================================

Kyocera's Device Manager software, which allows IT managers to monitor and manage large fleets of Kyocera printers and multifunction devices, carried a vulnerability that could have been abused by hackers and other threat actors, according to Trustwave SpiderLabs Senior Technical Specialist Jordan Hedges.

In a technical writeup posted on Trustwave's website, the company explained that the flaw "allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the 'Restrict NTLM: Outgoing NTLM traffic to remote servers' security policy is not enabled."

The vulnerability is now tracked as CVE-2023-50916, and is described as a path traversal problem that allows attackers to intercept and modify the local path pointing to the backup location of the database, changing it to a universal naming convention (UNC) path.

Patched endpoints

As a result, the app will try to authenticate to the malicious UNC path, granting attackers access to client accounts and sensitive data. Hedges also explained that attackers could even abuse the flaw to mount NTLM relay attacks, if permitted by the environment's configuration.

Kyocera addressed the problem by releasing a patch, so those interested in keeping their endpoints secure should make sure their Device Manager is on version 3.1.1213.0.

There is no evidence of the bug being exploited in the wild; however, when news of a patch breaks, threat actors usually start scanning the internet for vulnerable endpoints. Given that many IT teams fail to keep their systems updated at all times, the risk of exploitation is now even greater than when the flaw was a zero-day.

"We value vendors like Kyocera for their transparency and commitment to security," Trustwave concluded.

======================================================================
Link to news story: https://www.techradar.com/pro/security/kyocera-device-manager-found-to-have-serious-security-flaws

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)
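The root cause described above is a backup-location setting that accepts a UNC path and traversal segments where only a local directory should be allowed. The following Python validator is an added illustration of the input check that closes that class of bug; it is not Kyocera's or Trustwave's code, and the backup root, the function names and the sample inputs (including the "evil" share name) are constructed for the example. It uses ntpath so the Windows path rules apply regardless of the host it runs on.

```python
import ntpath
import re

# Constructed example root; the real Device Manager backup directory is not given in the article.
ALLOWED_BACKUP_ROOT = r"C:\ProgramData\ExampleApp\Backups"

_DRIVE_RE = re.compile(r"^[A-Za-z]:$")


def classify_backup_path(user_path: str, allowed_root: str = ALLOWED_BACKUP_ROOT) -> tuple:
    """Return (ok, detail).

    ok is True only for an absolute drive-letter path that stays inside allowed_root;
    detail is the normalised path on success or the rejection reason on failure.
    """
    if not user_path or "\x00" in user_path:
        return False, "empty path or embedded NUL"

    # Normalise separators and collapse '.' / '..' segments lexically.
    norm = ntpath.normpath(user_path)

    # \\server\share, \\?\ and \\.\ device paths all begin with two separators;
    # a UNC target is exactly what would coerce outbound NTLM authentication.
    if norm.startswith("\\\\"):
        return False, "UNC or device path rejected"

    # Require a drive letter plus a rooted remainder, so 'C:db.bak' and
    # plain relative paths are refused as well.
    drive, rest = ntpath.splitdrive(norm)
    if not _DRIVE_RE.match(drive) or not rest.startswith("\\"):
        return False, "path must be an absolute drive-letter path"

    # Containment check after normalisation, case-insensitive as on NTFS.
    root = ntpath.normcase(ntpath.normpath(allowed_root))
    try:
        common = ntpath.commonpath([root, ntpath.normcase(norm)])
    except ValueError:
        return False, "path is on a different drive than the backup root"
    if common != root:
        return False, "path escapes the backup root"

    return True, norm


def validate_backup_path(user_path: str, allowed_root: str = ALLOWED_BACKUP_ROOT) -> str:
    """Raise ValueError for any path that classify_backup_path rejects; return the safe path."""
    ok, detail = classify_backup_path(user_path, allowed_root)
    if not ok:
        raise ValueError(detail)
    return detail


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate value and several that must be refused.
    samples = [
        r"C:\ProgramData\ExampleApp\Backups\db.bak",
        r"\\evil\share\db.bak",
        "//evil/share/db.bak",
        r"C:\ProgramData\ExampleApp\Backups\..\..\..\Windows\db.bak",
        r"D:\Backups\db.bak",
        r"Backups\db.bak",
    ]
    for s in samples:
        print(f"{s!r:70} -> {classify_backup_path(s)}")
```

The order of the checks matters: the UNC test runs on the normalised string, so a forward-slash spelling such as `//server/share` is caught too, and the containment test runs only after `..` segments have been collapsed, so traversal cannot sneak a local path out of the backup root.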