Tokyo, April 1, 2026 – FUJIFILM Business Innovation has partnered with the Common Vulnerabilities and Exposures (CVE™*1)Program as a CVE Numbering Authority (CNA) and is now authorized to assign CVE IDs and publish CVE Records for vulnerabilities in Fuji Xerox and FUJIFILM Business Innovation products, software, and cloud services.
The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities and to facilitate the international sharing of this information. A CNA is an authorized entity with a specific scope and responsibility to regularly assign CVE IDs and publish corresponding CVE Records.
We have established the FUJIFILM Business Innovation Product Security Incident Response Team (PSIRT) to manage vulnerability information and have been actively working to enhance the security of our products and services. Through developing vulnerability disclosure policies, establishing a vulnerability reporting channel, and coordinating with external entities, the PSIRT ensures prompt and effective responses to identified vulnerabilities.
With this CNA authorization, we can now assign CVE IDs and publish CVE Records in-house, which were previously handled by external organizations, and disclose information about vulnerabilities affecting our products and services more quickly and efficiently.
FUJIFILM Business Innovation will continue to enhance security throughout the entire lifecycle of our products and services, ensuring that our customers can use them with confidence.
- *1 CVE is a trademark of The MITRE Corporation.
For inquiries on information in this announcement, contact
Mail:dgi-fb-psirt@fujifilm.com