FKIE_CVE-2025-6081

Vulnerability from fkie_nvd - Published: 2025-07-01 04:15 - Updated: 2025-07-03 15:14
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Summary
Insufficiently Protected Credentials in LDAP in Konica Minolta bizhub 227 Multifunction printers version GCQ-Y3 or earlier allows an attacker can reconfigure the target device to use an external LDAP service controlled by the attacker. If an LDAP password is set on the target device, the attacker can force the target device to authenticate to the attacker controlled LDAP service. This will allow the attacker to capture the plaintext password of the configured LDAP service.
References
cve@rapid7.comhttps://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0003.pdf
cve@rapid7.comhttps://www.rapid7.com/blog/post/cve-2025-6081-konica-minolta-bizhub-pass-back-attack-vulnerability-not-fixed/
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficiently Protected Credentials in LDAP in Konica Minolta\u00a0bizhub 227 Multifunction printers\u00a0version GCQ-Y3 or earlier\u00a0allows an attacker can reconfigure the target device to use an external LDAP service controlled by the attacker. If an LDAP password is set on the target device, the attacker can force the target device to authenticate to the attacker controlled LDAP service. This will allow the attacker to capture the plaintext password of the configured LDAP service."
    },
    {
      "lang": "es",
      "value": "Las credenciales de protecci\u00f3n insuficiente en LDAP en las impresoras Konica Minolta bizhub 227 Multifunction, versi\u00f3n GCQ-Y3 o anterior, permiten que un atacante reconfigura el dispositivo objetivo para usar un servicio LDAP externo controlado por el atacante. Si se configura una contrase\u00f1a LDAP en el dispositivo objetivo, el atacante puede forzar su autenticaci\u00f3n en el servicio LDAP controlado por el atacante. Esto le permitir\u00e1 capturar la contrase\u00f1a en texto plano del servicio LDAP configurado."
    }
  ],
  "id": "CVE-2025-6081",
  "lastModified": "2025-07-03T15:14:12.767",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.0,
        "source": "cve@rapid7.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-01T04:15:45.530",
  "references": [
    {
      "source": "cve@rapid7.com",
      "url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0003.pdf"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://www.rapid7.com/blog/post/cve-2025-6081-konica-minolta-bizhub-pass-back-attack-vulnerability-not-fixed/"
    }
  ],
  "sourceIdentifier": "cve@rapid7.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "cve@rapid7.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.