CVE-2022-43460 – CVE-2022-43460 is a vulnerability in Fujifilm D... (How to Fix)

Q: What is the severity of CVE-2022-43460?

CVE-2022-43460 has a CVSS score of 7.5 (HIGH). CVE-2022-43460 is a vulnerability in Fujifilm Driver Distributor v2.2.3.1 and earlier where administrator passwords are stored in a recoverable encrypted format. If an attacker obtains the configuration file, they can decrypt the credentials to gain administrative access. This affects all users of vulnerable Driver Distributor versions.

📋 TL;DR

CVE-2022-43460 is a vulnerability in Fujifilm Driver Distributor v2.2.3.1 and earlier where administrator passwords are stored in a recoverable encrypted format. If an attacker obtains the configuration file, they can decrypt the credentials to gain administrative access. This affects all users of vulnerable Driver Distributor versions.

💻 Affected Systems

Products:

Fujifilm Driver Distributor

Versions: v2.2.3.1 and earlier

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: All default installations of affected versions are vulnerable. The vulnerability exists in how credentials are stored in configuration files.

📦 What is this software?

Driver Distributor by Fujifilm

View all CVEs affecting Driver Distributor →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker gains full administrative control over Driver Distributor, potentially compromising connected systems and deploying malware across the network.

🟠

Likely Case

Attacker with access to configuration files decrypts administrator credentials and gains unauthorized administrative access to the Driver Distributor system.

🟢

If Mitigated

With proper access controls and file permissions, attackers cannot access configuration files, preventing credential decryption.

🌐 Internet-Facing: MEDIUM - Risk exists if configuration files are exposed via web interfaces or misconfigured services.

🏢 Internal Only: HIGH - Configuration files are typically stored on internal systems where attackers with internal access can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires access to the configuration file containing the encrypted credentials. The decryption method is not publicly documented but is implied to be straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.2.3.2 or later

Vendor Advisory: https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/0131_announce.html

Restart Required: Yes

Instructions:

1. Download the latest version from Fujifilm's official website. 2. Run the installer to upgrade to v2.2.3.2 or later. 3. Restart the Driver Distributor service. 4. Verify the update by checking the version in the application.

🔧 Temporary Workarounds

Restrict Configuration File Access

windows

Apply strict file permissions to prevent unauthorized access to Driver Distributor configuration files.

icacls "C:\Program Files\Fujifilm\Driver Distributor\config\*" /inheritance:r /grant:r "Administrators:(F)" /grant:r "SYSTEM:(F)" /deny "Users:(R,W,X)"

Network Segmentation

all

Isolate Driver Distributor systems from untrusted networks and limit access to authorized users only.

🧯 If You Can't Patch

Implement strict access controls on configuration files to prevent unauthorized reading.
Monitor for unauthorized access attempts to Driver Distributor configuration directories.

🔍 How to Verify

Check if Vulnerable:

Check the Driver Distributor version in the application interface or registry: HKEY_LOCAL_MACHINE\SOFTWARE\Fujifilm\Driver Distributor\Version. If version is 2.2.3.1 or earlier, the system is vulnerable.

Check Version:

reg query "HKLM\SOFTWARE\Fujifilm\Driver Distributor" /v Version

Verify Fix Applied:

Verify the version is 2.2.3.2 or later using the same method. Additionally, check that configuration files no longer contain recoverable encrypted passwords.

📡 Detection & Monitoring

Log Indicators:

Unauthorized access attempts to Driver Distributor configuration files
Failed authentication attempts followed by successful authentication from unusual locations

Network Indicators:

Unusual network connections to Driver Distributor administration ports
Configuration file transfers from Driver Distributor systems

SIEM Query:

EventID=4663 AND ObjectName LIKE "%Driver Distributor%config%" AND AccessMask=0x1

📊 Metadata

CVE ID: CVE-2022-43460

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-522

Published: February 13, 2023

Last Updated: March 21, 2025

🔗 References

https://jvn.jp/en/jp/JVN22830348/ Third Party Advisory
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/0131_announce.html Vendor Advisory
https://jvn.jp/en/jp/JVN22830348/ Third Party Advisory
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/0131_announce.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-43460, you might also want to check these: