Safety-relevant information:
Vulnerability in the KX driver (CVE-2023-38634)
I. Vulnerability summary
Publication:
May 24, 2023
Description:
CVE-2023-38634: The following vulnerability has been identified in the KX Driver: Authorization Vulnerability.
The vulnerability relates to the weakness known as Microsoft Windows Unquoted Service Path Enumeration. A service registered with an unquoted executable path may allow an attacker to execute arbitrary programs (e.g. malware) with Windows system privileges.
It is therefore possible to obtain Windows system privileges, to read information held on the Windows system, or to carry out an attack with system privileges.
To do this, the attacker must have access to the target Windows system.
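As an added illustration that is not part of the advisory, the following Python audit classifies service ImagePath values, flags the unquoted-path misconfiguration described above and shows the quoted form that remediates it. The service names and paths are constructed samples, not values from any affected product.

```python
import os
import re

# Constructed sample ImagePath values (not taken from the advisory) covering the
# cases an unquoted-service-path audit must tell apart.
SAMPLE_SERVICES = {
    "ExampleKxSvc": r"C:\Program Files\Example Vendor\kx service\svc.exe -run",
    "QuotedSvc": r'"C:\Program Files\Example Vendor\svc.exe" -run',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "SpaceOnlyInArgs": r"C:\Tools\svc.exe --config=C:\Program Files\svc.ini",
}
_EXE = re.compile(r"^(.+?\.exe)", re.IGNORECASE)

def split_image_path(image_path):
    """Return (executable, arguments) for a raw service ImagePath value."""
    path = os.path.expandvars(image_path.strip())
    if path.startswith('"'):                     # already quoted: the safe form
        end = path.find('"', 1)
        return path[1:end], path[end + 1:]
    m = _EXE.match(path)                          # unquoted: binary ends at .exe
    if m:
        return m.group(1), path[m.end():]
    exe, sep, rest = path.partition(" ")          # no .exe: first token is binary
    return exe, sep + rest

def is_unquoted_with_spaces(image_path):
    """True when the binary path is unquoted and contains a space: Windows then
    tries each space-delimited prefix as a program, which is the weakness here."""
    exe, _ = split_image_path(image_path)
    return not image_path.lstrip().startswith('"') and " " in exe

def quoted_image_path(image_path):
    """Remediated ImagePath with the executable wrapped in double quotes."""
    exe, args = split_image_path(image_path)
    return f'"{exe}"{args}'

def audit(services):
    """Map each affected service name to its corrected ImagePath."""
    return {n: quoted_image_path(p) for n, p in services.items()
            if is_unquoted_with_spaces(p)}

if __name__ == "__main__":
    for name, fixed in audit(SAMPLE_SERVICES).items():
        print(f"{name}: {fixed}")
```

On a live Windows host, feed `audit()` the ImagePath values read from HKLM\SYSTEM\CurrentControlSet\Services (for example via the `winreg` module) instead of the constructed samples.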
Products affected:
Software products affected by a similar vulnerability:
- Status Monitor
- TA Fleetmanager NetGateway
- Device Manager
- TA Cloud Print and Scan Desktop client
- TA Smart Information Manager (TASIM)
At the time of this publication, we are not aware of any attacks that exploit these vulnerabilities.
II. Solution
As a countermeasure, a new KX Driver web package is available that addresses the vulnerability. We recommend installing the latest driver.
Release of update versions for the affected products.
KX Driver (incl. Status Monitor) released
TA Fleetmanager NetGateway released
Device Manager released
TA Cloud Print and Scan released
TA Smart Information Manager (TASIM) released
III. Further information
The KX v8.4 driver was released on March 14, 2024. Since the vulnerability was announced, new models have been released that ship with a KX driver version lower than 8.4. The following models have had the patch for this vulnerability applied from their first release.
- P-C3563i MFP, P-C3567i MFP, P-C4063i MFP, P-C4067i MFP: KX8.2.2130
- P-C2651DW, P-C2157w MFP, P-C2656w MFP: KX8.3.2707
- P-4027iw MFP, P-4026w MFP, P-4021 MFP, P-3527w MFP, P-3521 MFP, P-3522DW, P-4021DN, P-4021DW: KX8.3.2708