Cyber Resilience

CVE-2023-34259

Severity: Medium · Public PoC

Published: 03 November 2023
Modified: 21 November 2024
KEV Added: not listed
CVSS Score v3.1: 4.9 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.9317 (99.8th percentile)
Risk Priority: 66 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-34259 is a medium-severity Path Traversal (CWE-22) vulnerability in Kyocera D-Copia253Mf Plus Firmware. Its CVSS base score is 4.9 (Medium).

Operationally, it ranks in the top 0.2% of CVEs by EPSS exploit likelihood, is not currently listed in the CISA KEV catalog, and has a publicly referenced proof-of-concept.

Deeper analysis

CVE-2023-34259 is a path traversal vulnerability affecting Kyocera TASKalfa 4053ci printers running firmware through version 2VG_S000.002.561. The flaw permits unauthenticated or authenticated remote access to the /wlmdeu%2f%2e%2e%2f%2e%2e endpoint; the percent-encoded suffix decodes to /../.., so the device's filter, which handles only the literal form, does not stop it. The request can be abused to read arbitrary files from the underlying filesystem, including those normally readable only by root. The issue stems from an incomplete remediation of the earlier CVE-2020-23575.

An attacker with high privileges can supply the crafted traversal sequence over the network to retrieve sensitive configuration files, credentials, or other data stored on the device. The CVSS 4.9 rating reflects network attack vector, low attack complexity, and high confidentiality impact while requiring authenticated administrative access and producing no integrity or availability effects.

Public disclosures from Sec-Consult and the Full Disclosure mailing list document the finding and note the incomplete prior fix; administrators should consult vendor firmware updates or apply the mitigations referenced in those advisories. The associated EPSS score has remained stable at its peak value of 0.9317 with no indicated rise after disclosure.


Vulnerability details

Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575.


Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: kyocera
Product: d-copia253mf plus firmware
Versions: ≤ 2vg_s000.002.561

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Pathname validation (addresses CWE-22): validates pathnames and filenames to prevent traversal outside intended directories.
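The control above, worked through as an added example that is not the vendor's firmware code: a literal "../" filter (the kind of check that the percent-encoded /wlmdeu%2f%2e%2e%2f%2e%2e request slips past) beside a resolver that decodes, normalises and then confines the request, plus a detector that runs the same resolver over access-log lines. The /wlmdeu-to-WEB_ROOT mapping, the web root itself and the log lines are constructed assumptions.

```python
"""Path-traversal handling for a file-serving endpoint (added example, not
device code). A literal "../" filter lets the encoded request
/wlmdeu%2f%2e%2e%2f%2e%2e through; decoding and normalising before a
containment check does not. WEB_ROOT and the log lines are constructed."""
import posixpath
from typing import List, Optional
from urllib.parse import unquote

ENDPOINT = "/wlmdeu"          # endpoint named in the advisory
WEB_ROOT = "/var/www/wlmdeu"  # hypothetical directory it serves

def naive_is_blocked(raw_path: str) -> bool:
    """Substring filter on the raw request: never sees percent-encoded dots."""
    return "../" in raw_path

def fully_decode(raw_path: str, rounds: int = 3) -> str:
    """Percent-decode until stable (bounded), so %252e and %2e both become '.'."""
    decoded = raw_path
    for _ in range(rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded

def resolve_safely(raw_path: str) -> Optional[str]:
    """Confined file path under WEB_ROOT, or None if the request escapes it."""
    decoded = fully_decode(raw_path)
    if decoded != ENDPOINT and not decoded.startswith(ENDPOINT + "/"):
        return None  # not a request for this endpoint
    remainder = decoded[len(ENDPOINT):].lstrip("/")
    # normpath collapses "." and ".." lexically; the prefix check enforces the boundary.
    target = posixpath.normpath(WEB_ROOT + "/" + remainder)
    if target != WEB_ROOT and not target.startswith(WEB_ROOT + "/"):
        return None
    return target

def flag_traversal_requests(log_lines: List[str]) -> List[str]:
    """Request paths from common-log-format lines that would escape WEB_ROOT."""
    flagged = []
    for line in log_lines:
        path = line.split()[6].strip('"')  # field 6 is the request path
        if resolve_safely(path) is None:
            flagged.append(path)
    return flagged

SAMPLE_LOG = [  # constructed lines, not from a real device
    '10.0.0.5 - admin [03/Nov/2023:10:00:00 +0000] "GET /wlmdeu/index.html HTTP/1.1" 200 512',
    '10.0.0.9 - admin [03/Nov/2023:10:00:07 +0000] "GET /wlmdeu%2f%2e%2e%2f%2e%2e HTTP/1.1" 200 1420',
    '10.0.0.9 - admin [03/Nov/2023:10:00:12 +0000] "GET /wlmdeu/%252e%252e/%252e%252e HTTP/1.1" 200 900',
]
```

Running flag_traversal_requests(SAMPLE_LOG) returns the two encoded requests and leaves the benign one alone, while naive_is_blocked returns False for both encoded forms.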
