Detections
Analytics

Konica Bizhub Multifunction Printers Stack-based Buffer Overflow (CVE-2024-51979)

high Tenable OT Security Plugin ID 505035

Synopsis

The remote OT asset is affected by a vulnerability.

Description

An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631). The malformed request will contain an empty Origin header value and a malformed Referer header value. The Referer header value will trigger a stack based buffer overflow when the host value in the Referer header is processed and is greater than 64 bytes in length.

Solution

Refer to the vendor advisory.

See Also

https://nvd.nist.gov/vuln/detail/CVE-2024-51979

https://www.cve.org/CVERecord?id=CVE-2024-51979

http://www.nessus.org/u?6c7d4950

Plugin Details

Severity: High

ID: 505035

File Name: tenable_ot_konica_CVE-2024-51979.nasl

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 1/21/2026

Updated: 1/21/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v3

Risk Factor: High

Base Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/o:konicaminolta:bizhub_5000i_firmware, cpe:/o:konicaminolta:bizhub_3000mf_firmware, cpe:/o:konicaminolta:bizhub_4020i_firmware, cpe:/o:konicaminolta:bizhub_3080mf_firmware, cpe:/o:konicaminolta:bizhub_5020i_firmware, cpe:/o:konicaminolta:bizhub_4000i_firmware

Required KB Items: Tenable.ot/Konica

Vulnerability Publication Date: 6/25/2025

Reference Information

CVE: CVE-2024-51979

CWE: 121