CVE-2024-27974

Description

Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator's ID, password, etc. may be altered. As for the details of affected product names, model numbers, and versions, refer to the information provided by the vendor listed under [References].

Category

6.3
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.22%
Affected: FUJIFILM Business Inovation Corp. DocuPrint P450 d
Affected: FUJIFILM Business Inovation Corp. DocuPrint P450 JM
Affected: FUJIFILM Business Inovation Corp. DocuPrint P450 ps
Affected: FUJIFILM Business Inovation Corp. DocuPrint P455 d
Affected: FUJIFILM Business Inovation Corp. DocuPrint M455 df
Affected: FUJIFILM Business Inovation Corp. DocuPrint C2255
Affected: FUJIFILM Business Inovation Corp. DocuPrint C2450
Affected: FUJIFILM Business Inovation Corp. DocuPrint C2450 II
Affected: FUJIFILM Business Inovation Corp. DocuPrint C3200A
Affected: FUJIFILM Business Inovation Corp. DocuPrint C3350
Affected: FUJIFILM Business Inovation Corp. DocuPrint C3360
Affected: FUJIFILM Business Inovation Corp. DocuPrint C3450 d
Affected: FUJIFILM Business Inovation Corp. DocuPrint C3450 d II
Affected: FUJIFILM Business Inovation Corp. DocuPrint 4050
Affected: FUJIFILM Business Inovation Corp. DocuPrint 4060
Affected: FUJIFILM Business Inovation Corp. DocuPrint 5060
Affected: FUJIFILM Business Inovation Corp. DocuCentre-IV C2260
Affected: FUJIFILM Business Inovation Corp. DocuCentre-IV C2270
Affected: FUJIFILM Business Inovation Corp. DocuCentre-IV C3370
Affected: FUJIFILM Business Inovation Corp. DocuCentre-IV C4470
Affected: FUJIFILM Business Inovation Corp. DocuCentre-IV C5570
Affected: FUJIFILM Business Inovation Corp. ApeosPort-IV C2270
Affected: FUJIFILM Business Inovation Corp. ApeosPort-IV C3370
Affected: FUJIFILM Business Inovation Corp. ApeosPort-IV C4470
Affected: FUJIFILM Business Inovation Corp. ApeosPort-IV C5570
Affected: FUJIFILM Business Inovation Corp. ApeosPort-IV C2270 R
Affected: FUJIFILM Business Inovation Corp. ApeosPort-IV C3370 R
Affected: FUJIFILM Business Inovation Corp. ApeosPort-IV C4470 R
Affected: FUJIFILM Business Inovation Corp. ApeosPort-IV C5570 R
Affected: FUJIFILM Business Inovation Corp. ApeosWide 6050/3030
Affected: FUJIFILM Business Inovation Corp. DocuWide 6057/3037
Affected: FUJIFILM Business Inovation Corp. DocuWide 6055
Affected: FUJIFILM Business Inovation Corp. DocuWide 3035
Affected: FUJIFILM Business Inovation Corp. DocuWide C842
Affected: FUJIFILM Business Inovation Corp. DocuWide 2055
Affected: FUJIFILM Business Inovation Corp. DocuWide 9098α
Affected: FUJIFILM Business Inovation Corp. DocuWide 9095α
Published at:
Updated at:

References

Link Tags
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/0306_1_announce.html
https://jvn.jp/en/jp/JVN34328023/

Frequently Asked Questions

What is the severity of CVE-2024-27974?
CVE-2024-27974 has been scored as a medium severity vulnerability.
How to fix CVE-2024-27974?
To fix CVE-2024-27974, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-27974 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-27974 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-27974?
CVE-2024-27974 affects FUJIFILM Business Inovation Corp. DocuPrint P450 d, FUJIFILM Business Inovation Corp. DocuPrint P450 JM, FUJIFILM Business Inovation Corp. DocuPrint P450 ps, FUJIFILM Business Inovation Corp. DocuPrint P455 d, FUJIFILM Business Inovation Corp. DocuPrint M455 df, FUJIFILM Business Inovation Corp. DocuPrint C2255, FUJIFILM Business Inovation Corp. DocuPrint C2450, FUJIFILM Business Inovation Corp. DocuPrint C2450 II, FUJIFILM Business Inovation Corp. DocuPrint C3200A, FUJIFILM Business Inovation Corp. DocuPrint C3350, FUJIFILM Business Inovation Corp. DocuPrint C3360, FUJIFILM Business Inovation Corp. DocuPrint C3450 d, FUJIFILM Business Inovation Corp. DocuPrint C3450 d II, FUJIFILM Business Inovation Corp. DocuPrint 4050, FUJIFILM Business Inovation Corp. DocuPrint 4060, FUJIFILM Business Inovation Corp. DocuPrint 5060, FUJIFILM Business Inovation Corp. DocuCentre-IV C2260, FUJIFILM Business Inovation Corp. DocuCentre-IV C2270, FUJIFILM Business Inovation Corp. DocuCentre-IV C3370, FUJIFILM Business Inovation Corp. DocuCentre-IV C4470, FUJIFILM Business Inovation Corp. DocuCentre-IV C5570, FUJIFILM Business Inovation Corp. ApeosPort-IV C2270, FUJIFILM Business Inovation Corp. ApeosPort-IV C3370, FUJIFILM Business Inovation Corp. ApeosPort-IV C4470, FUJIFILM Business Inovation Corp. ApeosPort-IV C5570, FUJIFILM Business Inovation Corp. ApeosPort-IV C2270 R, FUJIFILM Business Inovation Corp. ApeosPort-IV C3370 R, FUJIFILM Business Inovation Corp. ApeosPort-IV C4470 R, FUJIFILM Business Inovation Corp. ApeosPort-IV C5570 R, FUJIFILM Business Inovation Corp. ApeosWide 6050/3030, FUJIFILM Business Inovation Corp. DocuWide 6057/3037, FUJIFILM Business Inovation Corp. DocuWide 6055, FUJIFILM Business Inovation Corp. DocuWide 3035, FUJIFILM Business Inovation Corp. DocuWide C842, FUJIFILM Business Inovation Corp. DocuWide 2055, FUJIFILM Business Inovation Corp. DocuWide 9098α, FUJIFILM Business Inovation Corp. DocuWide 9095α.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.