Kyocera Printer Critical Vulnerabilities CVSS 9.8 Remote Attack
Summary
CERT-Bund issued security advisory WID-SEC-2026-0915 alerting to multiple critical vulnerabilities in Kyocera TASKalfa and ECOSYS printers. The vulnerabilities carry a CVSS Base Score of 9.8 (critical) and enable remote attacks without user interaction. Organizations using affected Kyocera printers should apply available mitigations immediately.
What changed
CERT-Bund disclosed critical vulnerabilities (CVSS 9.8) in Kyocera TASKalfa and ECOSYS printers affecting BIOS/firmware and hardware appliance components. The vulnerabilities allow remote attackers to execute unspecified attacks, posing severe risk to organizational networks.
Organizations with affected Kyocera devices should immediately apply vendor security patches, restrict network exposure of printer devices, and monitor for signs of exploitation. As this is a security advisory from Germany's federal CERT, affected parties in Germany should prioritize remediation given the critical severity rating and confirmed remote attack vector.
What to do next
- Apply vendor security patches for Kyocera TASKalfa and ECOSYS printers
- Restrict network access to vulnerable printer devices
- Monitor for indicators of exploitation
Source document (simplified)
[WID-SEC-2026-0915] Kyocera Printer: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff CVSS Base Score 9.8 (kritisch) CVSS Temporal Score 8.5 (hoch) Remoteangriff ja Datum 30.03.2026 Stand 31.03.2026 Mitigation ja
Betroffene Systeme
Betriebssystem
- BIOS/Firmware
- Hardware Appliance
Produktbeschreibung
Kyocera ist ein Hersteller u.a. von Druckern.
Produkte
30.03.2026
- Kyocera Printer TASKalfa
- Kyocera Printer ECOSYS
Angriff
Angriff
Ein entfernter Angreifer kann mehrere Schwachstellen in Kyocera Printer ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen. CVE Informationen Versionshistorie Feedback zum Advisory geben
Related changes
Source
Classification
Who this affects
Taxonomy
Browse Categories
Get Data Privacy & Cybersecurity alerts
Weekly digest. AI-summarized, no noise.
Free. Unsubscribe anytime.
Get alerts for this source
We'll email you when CERT-Bund Security Advisories publishes new changes.