X.509 Certificate vulnerability CVE-2022-3786 and CVE-2022-3602

Last updated: 18 November 2022

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. This occurs after certificate chain signature verification and requires either that a CA has signed the malicious certificate or that the application continues certificate verification despite failing to construct a path to a trusted issuer. A buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Both CVE-2022-3786 and CVE-2022-3602 are high severity.

Products assessed and status

Cutsheet and Toner Systems / Inkjet Sheetfed Press

Products Status
PRISMAsync print server based products Not impacted
varioPRINT 140 series Not impacted
varioPRINT 6000 series Not impacted
varioPRINT i-series Not impacted
varioPRINT iX-series Not impacted
Service Control Station (SCS) for VPi300 series and VPiX series Not impacted
Tablet for VPi300 series and VPiX series Not impacted
PRISMAsync i300/iX Simulator Not impacted


Continuous Printing

Products Status
ColorStream 3×00 Not impacted
ColorStream 3000Z / ColorStream 6000 Not impacted
ColorStream 8000 Not impacted
ProStream 1×00 Not impacted
LabelStream 4000 series Not impacted
JetStream V1/JetStream V2 Not impacted
VarioStream 4000 Not impacted
VarioStream 7000 series Not impacted
VarioStream 8000 Not impacted
PRISMAproduction Server V5 / PRISMAcontrol V5 Not impacted
PRISMAproduction Server V6.1 Not impacted
PRISMAproduction Host, CIS and router Not impacted
PRISMAspool Not impacted
DocSetter Not impacted
PRISMAsimulate Not impacted
DPconvert Not impacted
TrueProof Not impacted


Large Format Graphics

Products Status
Arizona series Not impacted
Colorado series Not impacted
Onyx HUB, Thrive, Production House Not impacted


Technical Documentation Systems

Products Status
PlotWave series Not impacted
ColorWave series Not impacted
Scanner Professional Not impacted
Driver Select, Driver Express, Publisher Mobile Not impacted
Publisher Select Not impacted
Account Console Not impacted
Repro Desk Not impacted
ColorWave Image Device Registration App Not impacted
Scanning Master Pro Color (Graphtec; scanner adjustment software) Not impacted


Workflow Applications (On premise and Cloud)

Products Status
PRISMAprepare V6 Not impacted
PRISMAprepare V7 Not impacted
PRISMAprepare V8 Not impacted
PRISMAdirect V1 Not impacted
PRISMAprofiler Not impacted
PRISMAcolor Not impacted
PRISMAorder Flex Not impacted
PRISMA Home Not impacted
PRISMAguide Not impacted
PRISMAprepare Go Not impacted
PRISMAlytics Accounting Not impacted
PRISMAlytics Dashboard Not impacted


Service & Support Tools

Products Status
On Remote Service (product) Not impacted
TSM/ADAM on Laptop and the ORS backend server Not impacted
Advisory Dashboard – Analysis & Maintenance Not impacted
PRISMAservice / Service Portal Not impacted