Detections
Analytics

Konica Bizhub Multifunction Printers Use of Weak Credentials (CVE-2024-51978)

critical Tenable OT Security Plugin ID 505040

Synopsis

The remote OT asset is affected by a vulnerability.

Description

An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP request.

Solution

Refer to the vendor advisory.

See Also

https://nvd.nist.gov/vuln/detail/CVE-2024-51978

https://www.cve.org/CVERecord?id=CVE-2024-51978

http://www.nessus.org/u?6c7d4950

Plugin Details

Severity: Critical

ID: 505040

File Name: tenable_ot_konica_CVE-2024-51978.nasl

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 1/21/2026

Updated: 1/21/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/o:konicaminolta:bizhub_5000i_firmware, cpe:/o:konicaminolta:bizhub_3000mf_firmware, cpe:/o:konicaminolta:bizhub_4020i_firmware, cpe:/o:konicaminolta:bizhub_3080mf_firmware, cpe:/o:konicaminolta:bizhub_5020i_firmware, cpe:/o:konicaminolta:bizhub_4000i_firmware

Required KB Items: Tenable.ot/Konica

Vulnerability Publication Date: 6/25/2025

Reference Information

CVE: CVE-2024-51978

CWE: 1391