Protection mechanism failure vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, bizhub 4752/4052 GC9-X4 and earlier) allows a physical attacker to bypass the firmware integrity verification and to install malicious firmware.
Conclusion & alert: CVE-2021-20872 is rated Low Risk (34.8/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.30%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.14% | 0.30% | +0.16% |
| 2 | 2025-03-30 | 0.27% | 0.14% | -0.13% |
| 3 | 2025-03-29 | — | 0.27% | — |
Full EPSS history (7 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.8 | 3.1 | MEDIUM |
|
0.9 | 5.9 | [email protected] |
| 4.6 | 2.0 | MEDIUM |
|
3.9 | 6.4 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| konicaminolta | bizhub_c759_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_c759_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c659_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_c659_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c658_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_c658_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c558_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_c558_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c458_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_c458_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_958_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_958_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_808_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_808_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_758_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_758_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_658e_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_658e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_558e_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_558e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_458e_firmware | < gca-y1 | cpe:2.3:o:konicaminolta:bizhub_458e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c287_firmware | < gca-y0 | cpe:2.3:o:konicaminolta:bizhub_c287_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c227_firmware | < gca-y0 | cpe:2.3:o:konicaminolta:bizhub_c227_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_287_firmware | < gca-y0 | cpe:2.3:o:konicaminolta:bizhub_287_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_227_firmware | < gca-y0 | cpe:2.3:o:konicaminolta:bizhub_227_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_368e_firmware | < gca-x8 | cpe:2.3:o:konicaminolta:bizhub_368e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_308e_firmware | < gca-x8 | cpe:2.3:o:konicaminolta:bizhub_308e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c368_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_c368_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c308_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_c308_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c258_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_c258_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_558_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_558_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_458_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_458_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_368_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_368_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_308_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_308_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c754e_firmware | < gdr-m0 | cpe:2.3:o:konicaminolta:bizhub_c754e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c654e_firmware | < gdr-m0 | cpe:2.3:o:konicaminolta:bizhub_c654e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_754e_firmware | < gdr-m0 | cpe:2.3:o:konicaminolta:bizhub_754e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_654e_firmware | < gdr-m0 | cpe:2.3:o:konicaminolta:bizhub_654e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c554e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_c554e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c454e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_c454e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c364e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_c364e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c284e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_c284e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c224e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_c224e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_554e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_554e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_454e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_454e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_364e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_364e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_284e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_284e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_224e_firmware | < gdr-m1 | cpe:2.3:o:konicaminolta:bizhub_224e_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c754_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_c754_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c654_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_c654_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c554_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_c554_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c454_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_c454_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c364_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_c364_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c284_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_c284_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c224_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_c224_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_754_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_754_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_654_firmware | < gr4-m0 | cpe:2.3:o:konicaminolta:bizhub_654_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c3851fs_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_c3851fs_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c3851_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_c3851_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_c3351_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_c3351_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_4752_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_4752_firmware:*:*:*:*:*:*:*:* |
| konicaminolta | bizhub_4052_firmware | < gca-x4 | cpe:2.3:o:konicaminolta:bizhub_4052_firmware:*:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://jvn.jp/en/vu/JVNVU95192472/index.html | Third Party Advisory VDB Entry |
| https://jvn.jp/vu/JVNVU95192472/index.html | Third Party Advisory VDB Entry |
| https://www.konicaminolta.com/global/newsroom/topics/2021/1224-01-01.html | Mitigation Vendor Advisory |
| https://www.konicaminolta.jp/business/support/important/211224_01_01.html | Mitigation Vendor Advisory |