CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS
Percentile
53.5%
The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat’s factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate.
Vendor | Product | Version | CPE |
---|---|---|---|
rambus | safezone_basic_crypto_module | * | cpe:2.3:a:rambus:safezone_basic_crypto_module:*:*:*:*:non-fips_certified:*:*:* |
fujifilm | apeos_c7070_firmware | * | cpe:2.3:o:fujifilm:apeos_c7070_firmware:*:*:*:*:*:*:*:* |
fujifilm | apeos_c7070 | - | cpe:2.3:h:fujifilm:apeos_c7070:-:*:*:*:*:*:*:* |
fujifilm | apeos_c6570_firmware | * | cpe:2.3:o:fujifilm:apeos_c6570_firmware:*:*:*:*:*:*:*:* |
fujifilm | apeos_c6570 | - | cpe:2.3:h:fujifilm:apeos_c6570:-:*:*:*:*:*:*:* |
fujifilm | apeos_c5570_firmware | * | cpe:2.3:o:fujifilm:apeos_c5570_firmware:*:*:*:*:*:*:*:* |
fujifilm | apeos_c5570 | - | cpe:2.3:h:fujifilm:apeos_c5570:-:*:*:*:*:*:*:* |
fujifilm | apeos_c4570_firmware | * | cpe:2.3:o:fujifilm:apeos_c4570_firmware:*:*:*:*:*:*:*:* |
fujifilm | apeos_c4570 | - | cpe:2.3:h:fujifilm:apeos_c4570:-:*:*:*:*:*:*:* |
fujifilm | apeos_c3570_firmware | * | cpe:2.3:o:fujifilm:apeos_c3570_firmware:*:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS
Percentile
53.5%