Reporter Japan Vulnerability Notes
Multiple Fuji Xerox mobile applications fail to verify SSL server certificates (CWE-295).
A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication.
Update the Software
Update to the latest version according to the information provided by the developer.
## Products Affected
- netprint App for iOS 3.2.3 and earlier - CVE-2020-5520
- kantan netprint App for iOS 2.0.2 and earlier - CVE-2020-5521
- kantan netprint App for Android 2.0.3 and earlier - CVE-2020-5522
According to the developer, netprint App for Android is not affected by this vulnerability.