Notice of vulnerability in our Driver Distributor software

Dear Customers,

Thank you for your continued support of our products.
An encryption-related vulnerability was discovered in our Driver Distributor software.
If you are using the Driver Distributor, please update to the latest version (version v2.2.6 or higher) as soon as possible.
We sincerely apologize for the inconvenience caused to our customers.

How to obtain the latest version

You can download the latest version of the Driver Distributor here.

• Driver Distributor Drivers & Downloads

Product to be affected and its version

Driver Distributor v2.2.3.1 or older.

How to check the version

After starting the Driver Distributor, you can display it by selecting "Help (H)" -> "Version information (A)" from the menu bar at the top of the window.

Vulnerability description

Driver Distributor contains a vulnerability where passwords are stored in a recoverable format
If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted.

Related information

• JVN#22830348 Vulnerability in Fujifilm Business Innovation's Driver Distributor software.

Acknowledgments

We would like to thank Mr. Hiroshi Yokoi, Mr. Takuma Shiga, and Mr. Ryo Sato of Broadband Security Co., Ltd. for discovering this vulnerability.

Contact

Please visit the FUJIFILM Business Innovation support website:

https://support-fb.fujifilm.com/