Vulnerability in ScanSnap Manager Installers
Publication date：May 27th, 2021
This document is intended to inform ScanSnap users that a vulnerability in ScanSnap Manager installers for Windows has been reported by a security research agency.
1. Software Affected
- ScanSnap Manager Installer prior to version V7.0L20
This vulnerability affects users only during start of installation. Therefore, it does not affect users who have already installed ScanSnap Manager.
If the installer runs on a Windows PC while a malicious third-party DLL exists, operations not intended by the user may be executed.
3. Temporary Workaround
If you want to install a version prior to ScanSnap Manager V7.0L20, or if you want to run an installer that you previously downloaded, you can perform a secure installation by following the procedure below.
1) Create a new folder in any location.
Example: Create a new folder on the desktop.
2) Move the installer to the folder created in step 1).
3) Run the installer to install ScanSnap Manager.
4. Next steps
PFU is going to release new ScanSnap Manager installers with the vulnerability fixed.
The release schedule will be announced in this page.
This vulnerability does not exist in ScanSnap Home, the latest ScanSnap software, or ScanSnap Manager V7.0L20 or later.
We sincerely apologize for inconvenience this issue may have caused you.
5. Related information
Imaging Support Department, PFU Limited
Thank you for your continued use of our product.