[Important Notice]
Vulnerability in ScanSnap Manager Installers

Publication date:May 27th, 2021
PFU Limited


This document is intended to inform ScanSnap users that a vulnerability in ScanSnap Manager installers for Windows has been reported by a security research agency.


1. Software Affected

- ScanSnap Manager Installer prior to version V7.0L20


2. Vulnerability

This vulnerability affects users only during start of installation. Therefore, it does not affect users who have already installed ScanSnap Manager.
If the installer runs on a Windows PC while a malicious third-party DLL exists, operations not intended by the user may be executed.


3. Temporary Workaround

If you want to install a version prior to ScanSnap Manager V7.0L20, or if you want to run an installer that you previously downloaded, you can perform a secure installation by following the procedure below.


[Procedure]
1) Create a new folder in any location.
Example: Create a new folder on the desktop.
C:\Users\username\Desktop\new folder

2) Move the installer to the folder created in step 1).
3) Run the installer to install ScanSnap Manager.


4. Next steps

PFU is going to release new ScanSnap Manager installers with the vulnerability fixed.
The release schedule will be announced in this page.


This vulnerability does not exist in ScanSnap Home, the latest ScanSnap software, or ScanSnap Manager V7.0L20 or later.


We sincerely apologize for inconvenience this issue may have caused you.


5. Related information

JVN#65733194 The installers of ScanSnap Manager may insecurely load Dynamic Link Libraries

Contact

Imaging Support Department, PFU Limited
E-mail: scanners@pfu.fujitsu.com


Thank you for your continued use of our product.

Top of Page