CVE-2025-5885 MEDIUM

CVE-2025-5885: Konica Minolta bizhub cross-site request forgery

Vendor Konica Minolta

Product bizhub

Weakness CWE-352 · CSRF

Published June 9, 2025

Last update June 9, 2025

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability has been found in Konica Minolta bizhub up to 20250202 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

June 9, 2025 CVE published

June 9, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-5885 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2023-44246 WordPress Shockingly Simple Favicon Plugin <= 1.8.2 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2022-45850 WordPress Image Map Pro premium plugin < 5.6.9 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) CVE-2023-35917 WordPress WooCommerce PayPal Payments Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2024-37467 WordPress Hestia theme <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability CVE-2024-7367 SourceCodester Simple Realtime Quiz System ajax.php cross-site request forgery