Service Location Protocol Vulnerability

Overview

A new cyber security vulnerability (CVE-2023-29552) has been discovered in the Service Location Protocol (SLP) contained in bizhub MFPs and printers, which may result in a denial-of-service (DoS) attack.  Konica Minolta printers and MFPs located on unprotected networks or connected directly to the public Internet are at higher vulnerability risk.  Devices behind firewalls on trusted networks do not necessarily have to implement the recommendations below.

Recommendation

Apply the following mitigation methods to protect against (CVE-2023-29552):

• Disable SLP on all Printers and MFPs connected to untrusted networks, like those directly connected to the Internet.
  • Disabling SLP should not affect any current device functionality.
• If disabling SLP is not possible, configure firewall settings to filter traffic on UDP and TCP port 427. This will prevent external attackers from accessing the SLP service.
• Additional information can be found here: New high-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP) .

Action

Disabling SLP:

1. Access the device via the PageScope Web Connection (PSWC) interface.
2. Login as [Administrator] > Select [Network] > [TCP/IP Settings].
   1. iSeries:
      1. Select [TCP/IP Settings 2] > [SLP Setting] and set to “Off”.
   2. Other devices:
      1. Scroll down to [SLP Setting] and set to “Disable”.
3. Save Settings.
4. Logout of PSWC and turn the device Off/On.