Last updated: 18 November 2022
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. This occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. A buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Both CVE-2022-3786 and CVE-2022-3602 are high severity.
Products assessed and status
Cutsheet and Toner Systems / Inkjet Sheetfed Press
| Products |
Status |
| PRISMAsync print server based products |
Not impacted |
| varioPRINT 140 series |
Not impacted |
| varioPRINT 6000 series |
Not impacted |
| varioPRINT i-series |
Not impacted |
| varioPRINT iX-series |
Not impacted |
| Service Control Station (SCS) for VPi300 series and VPiX series |
Not impacted |
| Tablet for VPi300 series and VPiX series |
Not impacted |
| PRISMAsync i300/iX Simulator |
Not impacted |
Continuous Printing
| Products |
Status |
| ColorStream 3×00 |
Not impacted |
| ColorStream 3000Z/ ColorStream 6000 |
Not impacted |
| ColorStream 8000 |
Not impacted |
| ProStream 1×00 |
Not impacted |
| LabelStream 4000 series |
Not impacted |
| JetStream V1/JetStream V2 |
Not impacted |
| VarioStream 4000 |
Not impacted |
| VarioStream 7000 series |
Not impacted |
| VarioStream 8000 |
Not impacted |
| PRISMAproduction Server V5 / PRISMAcontrol V5 |
Not impacted |
| PRISMAproduction Server V6.1 |
Not impacted |
| PRISMAproduction Host,CIS and router |
Not impacted |
| PRISMAspool |
Not impacted |
| DocSetter |
Not impacted |
| PRISMAsimulate |
Not impacted |
| DPconvert |
Not impacted |
| TrueProof |
Not impacted |
Large Format Graphics
| Products |
Status |
| Arizona series |
Not impacted |
| Colorado series |
Not impacted |
| Onyx HUB, Thrive, Production House |
Not impacted |
Technical Documentation Systems
| Products |
Status |
| PlotWave series |
Not impacted |
| ColorWave series |
Not impacted |
| Scanner Professional |
Not impacted |
| Driver Select, Driver Express, Publisher Mobile |
Not impacted |
| Publisher Select |
Not impacted |
| Account Console |
Not impacted |
| Repro Desk |
Not impacted |
| ColorWave Image Device Registration App |
Not impacted |
| Scanning Master Pro Color (Graphtec; scanner adjustment software) |
Not impacted |
Workflow Applications (On premise and Cloud)
| Products |
Status |
| PRISMAprepare V6 |
Not impacted |
| PRISMAprepare V7 |
Not impacted |
| PRISMAprepare V8 |
Not impacted |
| PRISMAdirect V1 |
Not impacted |
| PRISMAprofiler |
Not impacted |
| PRISMAcolor |
Not impacted |
| PRISMAorder Flex |
Not impacted |
| PRISMA Home |
Not impacted |
| PRISMAguide |
Not impacted |
| PRISMAprepare Go |
Not impacted |
| PRISMAlytics Accounting |
Not impacted |
| PRISMAlytics Dashboard |
Not impacted |
Service & Support Tools
| Products |
Status |
| On Remote Service (product) |
Not impacted |
| TSM/ADAM on Laptop and the ORS backend server |
Not impacted |
| Advisory Dashboard – Analysis & Maintenance |
Not impacted |
| PRISMAservice / Service Portal |
Not impacted |
