CVE-2022-1026

Kyocera Net View Address Book Exposure

Basic Information

CVE State: PUBLISHED
Reserved Date: March 18, 2022
Published Date: April 04, 2022
Last Updated: September 16, 2024
Vendor: Kyocera
Product: Multifunction Printer Net Viewer
Description: Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
Tags

CVSS Scores

CVSS v3.1

8.6 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVSS v2.0

5.0

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Score

Score: 89.63% (Percentile: 99.53%) as of 2025-08-10

Exploit Status

Exploited in the Wild: Yes (2025-07-30 00:00:00 UTC) Source

References

https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-07-31 12:00:58 UTC

Scanner Integrations

Scanner	URL	Date Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-1026.yaml	2025-06-11 11:30:32 UTC

Timeline

CVE ID Reserved

March 18, 2022
CVE Published to Public

April 04, 2022
Detected by Nuclei

June 11, 2025
Added to KEVIntel

July 31, 2025