GNU Bash "Shellshock" Security Vulnerability
A critical security vulnerability has been reported in the GNU Bash "Shellshock", which is a common command line used in many Linux/UNIX operating systems.
KYOCERA has investigated whether or not its products, software and services are affected. The results are as follows.
KYOCERA products use a special embedded version of the Linux Operating System. There is no access to the Bash prompt from the network, operation panel, USB, or any other interface, therefore, KYOCERA printers and MFPs are not susceptible to the “Shellshock” vulnerability.
"Bash" environment is not implemented in following KYOCERA optional products, and therefore unaffected.
FAX System (*)
IB-23/IB-50/IB-51 / IB-110
"Bash" environment is not implemented in any KYOCERA software/utilities and therefore unaffected.
EFI™ Fiery Printing System(s)
The Fiery Printing System, optional on select KYOCERA color MFPs, uses an embedded Linux Operating System. EFI, the manufacturer of Fiery Printing Systems, has identified a vulnerability that they regard as a low security risk. EFI is currently working on a firmware patch, which will resolve this vulnerability, and it will be made available after December 1, 2014.