CVE-2022-41807

Name: CVE-2022-41807
Creator: NVD / NIST
Published: 2022-12-05T04:15:10.02+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.5/10EPSS 0.49%

Last modified Jun 17, 2026

CVE-2022-41807 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.. EPSS estimates a 0.49% chance of exploitation in the next 30 days.

Description

Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.

Metrics

CVSS 3.1

6.5/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS Probability

0.49%

38.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Kyocera	Taskalfa 7550ci Firmware	All versions
Kyocera	Taskalfa 6550ci Firmware	All versions
Kyocera	Taskalfa 5550ci Firmware	All versions
Kyocera	Taskalfa 4550ci Firmware	All versions
Kyocera	Taskalfa 3550ci Firmware	All versions
Kyocera	Taskalfa 3050ci Firmware	All versions
Kyocera	Taskalfa 255c Firmware	All versions
Kyocera	Taskalfa 205c Firmware	All versions
Kyocera	Taskalfa 256ci Firmware	All versions
Kyocera	Taskalfa 206ci Firmware	All versions
Kyocera	Ecosys M6526cdn Firmware	All versions
Kyocera	Ecosys M6526cidn Firmware	All versions
Kyocera	Fs-C2126mfp Firmware	All versions
Kyocera	Fs-C2126mfp\+ Firmware	All versions
Kyocera	Fs-C2026mfp Firmware	All versions
Kyocera	Taskalfa 8000i Firmware	All versions
Kyocera	Taskalfa 6500i Firmware	All versions
Kyocera	Taskalfa 5500i Firmware	All versions
Kyocera	Taskalfa 4500i Firmware	All versions
Kyocera	Taskalfa 3500i Firmware	All versions
Kyocera	Taskalfa 305 Firmware	All versions
Kyocera	Taskalfa 255 Firmware	All versions
Kyocera	Taskalfa 306i Firmware	All versions
Kyocera	Taskalfa 256i Firmware	All versions
Kyocera	Ls-3140mfp Firmware	All versions
Kyocera	Ls-3140mfp\+ Firmware	All versions
Kyocera	Ls-3640mfp Firmware	All versions
Kyocera	Ecosys M2535dn Firmware	All versions
Kyocera	Ls-1135mfp Firmware	All versions
Kyocera	Ls-1035mfp Firmware	All versions
Kyocera	Ls-C8650dn Firmware	All versions
Kyocera	Ls-C8600dn Firmware	All versions
Kyocera	Ecosys P6026cdn Firmware	All versions
Kyocera	Fs-C5250dn Firmware	All versions
Kyocera	Ls-4300dn Firmware	All versions
Kyocera	Ls-4200dn Firmware	All versions
Kyocera	Ls-2100dn Firmware	All versions
Kyocera	Ecosys P4040dn Firmware	All versions
Kyocera	Ecosys P2135dn Firmware	All versions
Kyocera	Fs-1370dn Firmware	All versions

References

https://jvn.jp/en/jp/JVN46345126/index.htmlVendor Advisory
https://www.kyoceradocumentsolutions.co.jp/support/information/info_20221101.htmlMitigation, Vendor Advisory
https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-11-01.htmlThird Party Advisory
https://jvn.jp/en/jp/JVN46345126/index.htmlVendor Advisory
https://www.kyoceradocumentsolutions.co.jp/support/information/info_20221101.htmlMitigation, Vendor Advisory
https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-11-01.htmlThird Party Advisory

Timeline

Published: Dec 5, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-41807?

How severe is CVE-2022-41807?

CVE-2022-41807 has a CVSS score of 6.5/10 (MEDIUM severity). The EPSS model estimates a 0.49% probability of exploitation in the next 30 days.

How do I fix CVE-2022-41807?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-41807?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST