Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2022-26320

Published: 14/03/2022 Updated: 23/03/2022
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

The Rambus SafeZone Basic Crypto Module prior to 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices prior to 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

rambus safezone basic crypto module

fujifilm apeos_c7070_firmware

fujifilm apeos_c6570_firmware

fujifilm apeos_c5570_firmware

fujifilm apeos_c4570_firmware

fujifilm apeos_c3570_firmware

fujifilm apeos_c3070_firmware

fujifilm apeos_c7070_g_firmware

fujifilm apeos_c6570_g_firmware

fujifilm apeos_c5570_g_firmware

fujifilm apeos_c4570_g_firmware

fujifilm apeos_c3570_g_firmware

fujifilm apeos_c3070_g_firmware

fujifilm apeos_c328_df_firmware

fujifilm apeos_c328_dw_firmware

fujifilm apeos_c325_dw_firmware

fujifilm apeos_c325_z_firmware

fujifilm apeos_c8180_firmware

fujifilm apeos_c7580_firmware

fujifilm apeos_c6580_firmware

fujifilm apeosport_3560_firmware

fujifilm apeosport_3060_firmware

fujifilm apeosport_2560_firmware

fujifilm apeosport_3560_g_firmware

fujifilm apeosport_3060_g_firmware

fujifilm apeosport_2560_g_firmware

fujifilm apeosport_4570_g_firmware

fujifilm apeosport_5570_g_firmware

fujifilm apeosport_4570_firmware

fujifilm apeosport_5570_firmware

fujifilm apeosport_c3060_firmware

fujifilm apeosport_c2560_firmware

fujifilm apeosport_c2060_firmware

fujifilm apeosport_c2560_g_firmware

fujifilm apeosport_c2060_g_firmware

fujifilm apeosport_c7070_firmware

fujifilm apeosport_c4570_firmware

fujifilm apeosport_c3570_firmware

fujifilm apeosport_c3070_firmware

fujifilm apeosport_c6570_firmware

fujifilm apeosport_c5570_firmware

fujifilm apeosport_c7070_g_firmware

fujifilm apeosport_c4570_g_firmware

fujifilm apeosport_c3570_g_firmware

fujifilm apeosport_c3070_g_firmware

fujifilm apeosport_c6570_g_firmware

fujifilm apeosport_c5570_g_firmware

fujifilm apeosport_print_c5570_firmware

fujifilm apeosport-vii_5021_firmware

fujifilm apeosport-vii_p4021_firmware

fujifilm apeosport-vii_4021_firmware

fujifilm apeosport-vii_cp4421_firmware

fujifilm apeosport-vii_c4421_firmware

fujifilm apeosport-vii_c3321_firmware

fujifilm apeosport-vii_c7773_firmware

fujifilm apeosport-vii_c6773_firmware

fujifilm apeosport-vii_c5573_firmware

fujifilm apeosport-vii_c4473_firmware

fujifilm apeosport-vii_c3373_firmware

fujifilm apeosport-vii_c3372_firmware

fujifilm apeosport-vii_c2273_firmware

fujifilm apeosport-vii_c7788_firmware

fujifilm apeosport-vii_c6688_firmware

fujifilm apeosport-vii_c5588_firmware

fujifilm apeospro_c810_firmware

fujifilm apeospro_c750_firmware

fujifilm apeospro_c650_firmware

fujifilm apeosprint_c328_firmware

fujifilm apeosprint_c328_dw_firmware

fujifilm apeosprint_c325_dw_firmware

fujifilm docucentre-vii_c7773_firmware

fujifilm docucentre-vii_c6673_firmware

fujifilm docucentre-vii_c5573_firmware

fujifilm docucentre-vii_c4473_firmware

fujifilm docucentre-vii_c3373_firmware

fujifilm docucentre-vii_c3372_firmware

fujifilm docucentre-vii_c2273_firmware

fujifilm docucentre-vii_c7788_firmware

fujifilm docucentre-vii_c6688_firmware

fujifilm docucentre-vii_c5588_firmware

fujifilm docuprint_4405_d_firmware

fujifilm docuprint_4408_d_firmware

fujifilm docuprint_3505_d_firmware

fujifilm docuprint_3508_d_firmware

fujifilm docuprint_3205_d_firmware

fujifilm docuprint_3208_d_firmware

fujifilm docuprint_c3555_d_firmware

fujifilm docuprint_c2555_d_firmware

fujifilm primelink_c9070_firmware

fujifilm primelink_c9065_firmware

canon imagerunner firmware

canon imageprograf firmware

Github Repositories

https://github.com/google/paranoid_crypto

Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.

Project Paranoid Overview Paranoid project checks for well known weaknesses on cryptographic artifacts such as public keys, digital signatures and general pseudorandom numbers This library contains implementations and optimizations of existing work found in the literature The existing work showed that the generation of these artifacts was flawed in some cases The following

References

CWE-330https://fermatattack.secvuln.infohttps://www.fujifilm.com/fbglobal/eng/company/news/notice/2022/0302_rsakey_announce.htmlhttps://safezoneswupdate.comhttps://global.canon/en/support/security/index.htmlhttps://nvd.nist.govhttps://github.com/google/paranoid_crypto
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367CVE-2024-3611CVE-2024-4947CVE-2024-32988CVE-2020-35165local file inclusionCVE-2024-4980bypassmalicious code‎
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook