Apr 25th,2025(#1)
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet.
If you have already enabled Windows Update (‘Advanced options’ that is described in 〈Measures〉 is required.), it is not necessary to take any measures against this.
If you have not enabled Windows Update yet, it is necessary to enable and run it.
Please refer to 〈Measures〉 in a later description to perform Windows Update.
Vulnerabilities of Microsoft .NET Framework
| Product | Model name | Reference for detail |
|---|---|---|
| JDF Console | DC-646 JDF Console | Please follow the links provided below for details on Vulnerabilities of Microsoft .NET Framework.
https://nvd.nist.gov/vuln/detail/CVE-2024-38081
https://nvd.nist.gov/vuln/detail/CVE-2024-43483 https://nvd.nist.gov/vuln/detail/CVE-2024-43484 https://nvd.nist.gov/vuln/detail/CVE-2024-21409 https://nvd.nist.gov/vuln/detail/CVE-2025-21176 |
| DC-746 JDF Console | Please follow the links provided below for details on Vulnerabilities of Microsoft .NET Framework.
https://nvd.nist.gov/vuln/detail/CVE-2024-38081
https://nvd.nist.gov/vuln/detail/CVE-2024-43483 https://nvd.nist.gov/vuln/detail/CVE-2024-43484 https://nvd.nist.gov/vuln/detail/CVE-2024-21409 https://nvd.nist.gov/vuln/detail/CVE-2025-21176 |
〈MEASURES〉
Through the computer connected to the Duplo product, Select [Start menu] > [settings] > [(Update & Security:for Windows 10 only)] > [Windows Update].
To perform Windows Update, make settings for [Advanced options] in the procedure below.
●For Windows 10: [Settings] > [Update & Security] > [Advanced options] > Select “On” for [Receive updates for other Microsoft products when you update Windows]
●For Windows 11: [Settings] > [Windows Update] > [Advanced options] > Select “On” for [Receive updates for other Microsoft products].
After that, if the screen indicates “You’re up to date”, the computer is up to date. If it does not indicate, please select [Check for updates] and follow the instructions on the screen to install the update program to the computer.
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could contact us with the "Technical information sheet File No. 02565".
Apr 25th,2025(#2)
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet.
If you have already enabled Windows Update (‘Advanced options’ that is described in 〈Measures〉 is required.), it is not necessary to take any measures against this.
If you have not enabled Windows Update yet, it is necessary to enable and run it.
Please refer to 〈Measures〉 in a later description to perform Windows Update.
Vulnerabilities of .NET 8
〈MEASURES〉
Through the computer connected to the Duplo product, Select [Start menu] > [settings] > [(Update & Security:for Windows 10 only)] > [Windows Update].
To perform Windows Update, make settings for [Advanced options] in the procedure below.
●For Windows 10: [Settings] > [Update & Security] > [Advanced options] > Select “On” for [Receive updates for other Microsoft products when you update Windows]
●For Windows 11: [Settings] > [Windows Update] > [Advanced options] > Select “On” for [Receive updates for other Microsoft products].
After that, if the screen indicates “You’re up to date”, the computer is up to date. If it does not indicate, please select [Check for updates] and follow the instructions on the screen to install the update program to the computer.
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could contact us with the "Technical information sheet File No. 02565".
Apr 25th,2025(#3)
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet.
See below for the corresponding products.
Measures against the vulnerabilities for these products have already been taken, which are to be implemented as follows:
DC-648: From May, 2024
DC-618: From June, 2024
DC-20000: From November, 2024
For such products, those shipped out or under production already, our software team has decided it is not necessary to take any measures because of their assessment of the vulnerabilities.
If you have any questions or concerns, for example, a vulnerabilities of the product you ordered, please do not hesitate to contact our service personnel.
In that case, please contact our service personnel with the model name of the products and the product information sheet File number of the product that you are using.
Please be informed about the detail and the products subject to in the table below.
| Product | Model name | Product information sheet File No. | Program No. | Reference for detail |
|---|---|---|---|---|
| PC CONTROLLER | DC-618 | 2581 | Z1-VD108 or earlier | See (Table):DC-618, DC-648,DC-20000. |
| DC-648 | 2574 | Z4-VG104 or earlier | ||
| DC-20000 | 2593 | Z7-VD105 or earlier |
(Table):DC-618, DC-648,DC-20000
| Description | Reference for detail |
|---|---|
| Vulnerabilities of .NET 6 of the PC Controller |
https://nvd.nist.gov/vuln/detail/CVE-2024-43483
https://nvd.nist.gov/vuln/detail/CVE-2024-43485 https://nvd.nist.gov/vuln/detail/CVE-2024-43484 https://nvd.nist.gov/vuln/detail/CVE-2024-21409 |
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could see the table above and contact us with the model name of the products that you are using and the product information sheet File number.
Aug 23rd, 2024(#1)
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet.
See below for the corresponding products.
Measures against the vulnerabilities for these products have already been taken, which are to be implemented as follows:
DC-648: From May, 2024
DC-618: From June, 2024
For such products, those shipped out or under production already, our software team has decided it is not necessary to take any measures because of their assessment of the vulnerabilities.
If you have any questions or concerns, for example, a vulnerabilities of the product you ordered, please do not hesitate to contact our service personnel.
In that case, please contact our service personnel with the model name of the products and the product information sheet File number of the product that you are using.
Please be informed about the detail and the products subject to in the table below.
| Product | Model name | Product information sheet File No. | Program No. | Reference for detail |
|---|---|---|---|---|
| PC CONTROLLER | DC-618 | 2581 | Z1-VD108 or earlier | See (Table):DC-618, DC-648. |
| DC-648 | 2574 | Z4-VG104 or earlier |
(Table):DC-618, DC-648
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could see the table above and contact us with the model name of the products that you are using and the product information sheet File number.
Aug 23rd, 2024(#2)
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet.
See below for the corresponding products.
Measures against the vulnerabilities for this product have already been taken, which are to be implemented as follows:
DC-20000: From the next production
For such products, those shipped out or under production already, our software team has decided it is not necessary to take any measures because of their assessment of the vulnerabilities.
If you have any questions or concerns, for example, a vulnerabilities of the product you ordered, please do not hesitate to contact our service personnel.
In that case, please contact our service personnel with the model name of the products and the product information sheet File number of the product that you are using.
Please be informed about the detail and the products subject to in the table below.
| Product | Model name | Product information sheet File No. | Program No. | Reference for detail |
|---|---|---|---|---|
| PC CONTROLLER | DC-20000 | 2593 | Z7-VD105 or earlier | See (Table): DC-20000 |
(Table): DC-20000
| Description | Reference for detail |
|---|---|
| Vulnerabilities of .NET 6 of the PC Controller |
https://nvd.nist.gov/vuln/detail/CVE-2024-20672
https://nvd.nist.gov/vuln/detail/CVE-2024-21319 https://nvd.nist.gov/vuln/detail/CVE-2024-0057 https://nvd.nist.gov/vuln/detail/CVE-2024-21404 |
| Vulnerabilities of gRPC of the PC Controller |
https://nvd.nist.gov/vuln/detail/CVE-2023-32732
https://nvd.nist.gov/vuln/detail/CVE-2023-4785 https://nvd.nist.gov/vuln/detail/CVE-2023-33953 |
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could see the table above and contact us with the model name of the products that you are using and the product information sheet File number.
Apr 26th, 2024(#1)
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet. However, you have already enabled Windows Update, it is not necessary to take any measures because Windows Update always keeps the security in the computer up to date.
If you have not enabled Windows Update yet, it is necessary to enable and run it.
Please be informed about the detail and the products subject to in the table below.
Vulnerabilities of Microsoft .NET Framework
| Product | Model name | Reference for detail |
|---|---|---|
| PC CONTOROLLER | PC Controller for DIB-R |
https://nvd.nist.gov/vuln/detail/CVE-2024-0057
https://nvd.nist.gov/vuln/detail/CVE-2024-21312 https://nvd.nist.gov/vuln/detail/CVE-2023-36560 https://nvd.nist.gov/vuln/detail/CVE-2023-36049 |
| PC Controller for DMSF-10 | ||
| PC Controller for DSF-2200 | ||
| PC Controller for DSF-6000 | ||
| PC Controller for DSC-10/60i | ||
| PC Controller for DDC-810 | ||
| PC Controller for DDC-8000 | ||
| PC Controller for DSM-1000 | ||
| PC Controller for DM-LU2 | ||
| Duplo GA - PC Controller | ||
| Other software | External Feed Controller | |
| DM JOB FILE TRANSFER | ||
| eTandem | ||
| Duplo + insight Connector |
〈MEASURE〉
On the computer used for Duplo product, please follow the steps as mentioned below to make sure the update.
Select [Start menu] > [Settings] > [Update & Security] > [Windows Update].
Or, select [Start menu] > [Settings] > [Windows Update].
After that, if the screen indicates “Your device is up to date”, the computer is up to date. If it does not indicate, please select [Check for updates] and follow the instructions on the screen to install the update program to the computer.
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could contact us with the "Product information sheet File No. P3674".
Apr 26th, 2024(#2)
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet.
If you have already enabled Windows Update (‘Advanced options’ that is described in 〈Measures〉 is required.), it is not necessary to take any measures against this.
If you have not enabled Windows Update yet, it is necessary to enable and run it.
Please refer to 〈Measures〉 in a later description to perform Windows Update.
Vulnerabilities of Microsoft .NET Framework
Vulnerabilities of Microsoft SQL Server
〈MEASURE〉
Through the computer connected to the Duplo product, Select [Start menu] > [settings] > [(Update & Security:for Windows10 only)] > [Windows Update].
To perform Windows Update, make settings for [Advanced options] in the procedure below.
●For Windows10: [Settings] > [Update & Security] > [Advanced options] > Select “On” for [Receive updates for other Microsoft products when you update Windows]
●For Windows11: [Settings] > [Windows Update] > [Advanced options] > Select “On” for [Receive updates for other Microsoft products].
After that, if the screen indicates “You’re up to date”, the computer is up to date. If it does not indicate, please select [Check for updates] and follow the instructions on the screen to install the update program to the computer.
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could contact us with the "Technical information sheet File No. 02565".
Dec 1st, 2023
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet. However, you have already enabled Windows Update, it is not necessary to take any measures because Windows Update always keeps the security in the computer up to date.
If you have not enabled Windows Update yet, it is
necessary to enable and run it.
Please be informed about the detail and the products subject to in the table below.
Vulnerabilities of Microsoft .NET Framework
〈MEASURE〉
On the computer used for Duplo product, please follow the steps as mentioned below to make sure the update.
Select [Start menu] > [Settings] > [Update & Security] > [Windows Update].
Or, select [Start menu] > [Settings] > [Windows Update].
After that, if the screen indicates “Your device is up to date”, the computer is up to date. If it does not indicate, please select [Check for updates] and follow the instructions on the screen to install the update program to the computer.
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could contact us with the "Product information sheet File No. P3674".
Duplo Corporation
May 18th, 2023
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet. However, you have already enabled Windows Update, it is not necessary to take any measures because Windows Update always keeps the security in the computer up to date.
If you have not enabled Windows Update yet, it is necessary to enable and run it.
Please be informed about the detail and the products subject to in the table below.
Vulnerabilities of Microsoft .NET Framework
| Product | Model name | Reference for detail |
|---|---|---|
| PC CONTOROLLER | PC Controller for DIB-R | https://nvd.nist.gov/vuln/detail/CVE-2023-21722
https://nvd.nist.gov/vuln/detail/CVE-2022-41089 https://nvd.nist.gov/vuln/detail/CVE-2022-41064 https://nvd.nist.gov/vuln/detail/CVE-2022-26929 |
| PC Controller for DMSF-10 | ||
| PC Controller for DSF-2200 | ||
| PC Controller for DSF-6000 | ||
| PC Controller for DSC-10/60i | ||
| PC Controller for DDC-810 | ||
| PC Controller for DDC-8000 | ||
| PC Controller for DSM-1000 | ||
| PC Controller for DM-LU2 | ||
| Duplo GA - PC Controller | ||
| Other software | External Feed Controller | |
| DM JOB FILE TRANSFER | ||
| eTandem | ||
| Duplo + insight Connector |
〈MEASURE〉
On the computer used for Duplo product, please follow the steps as mentioned below to make sure the update.
Select [Start menu] > [Settings] > [Update & Security] > [Windows Update].
Or, select [Start menu] > [Settings] > [Windows Update].
After that, if the screen indicates “Your device is up to date”, the computer is up to date. If it does not indicate, please select [Check for updates] and follow the instructions on the screen to install the update program to the computer.
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could contact us with the "Product information sheet File No. P3674".
Duplo Corporation
February 10th 2023
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet. The products model DDC-810, DDC-8000 and DSM-1000 are subject to this issue.
We already have taken the measures for those products to prevent the issue.
Model DDC-810 and DDC-8000 have been applied the measures and scheduled to ship from next production.
Model DSM-1000 has been applied the measures since the first production.
For such products, those shipped out or under production already, our software team has decided it is not necessary to take any measures because of their assessment of the vulnerabilities.
If you have any questions or concerns, for example, a vulnerabilities of the product you ordered, please do not hesitate to contact our service personnel. We would appreciate it if you could see the table below and contact us with the model name you using and the product information sheet File No mentioned in the next column.
Please be informed about the detail and the products subject to in the table below.
| Product | Model name | Product information sheet File No. | Program No. | Reference for detail |
|---|---|---|---|---|
| PC CONTROLLER | DSM-1000 | P3683 | 19A-86814 or less | See (Table 1) DSM-1000. |
| DDC-8000 | P3669 | 19F-86925 or less | See (Table 2) DDC-8000. | |
| DDC-810 | P3669 | 16K-86534 or less | See (Table 3) DDC-810. |
(Table 1) DSM-1000
| Description | Reference for detail |
|---|---|
| Vulnerabilities of Ghostscript | https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-012236.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14811 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14817 |
(Table 2) DDC-8000
(Table 3) DDC-810
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could see the table above and contact us with the model name you using and the product information sheet File No mentioned in the next column.
Duplo Corporation
December 14th 2022
Dear customers,
Thank you for using Duplo products.
Several cyber security vulnerabilities have been found in Duplo products only while the computer, used for the products, are connected to the Internet. However, you have already enabled Windows Update, it is not necessary to take any measures because Windows Update always keeps the security in the computer up to date.
If you
have not enabled Windows Update yet, it is necessary to enable and run it.
Please be informed about the detail and the products subject to in the table below.
Vulnerabilities of Microsoft .NET Framework
| Product | Model name | Reference for detail |
|---|---|---|
| PC CONTOROLLER | PC Controller for DIB-R | https://nvd.nist.gov/vuln/detail/CVE-2022-30130
https://www.cve.org/CVERecord?id=CVE-2022-26832 https://www.cve.org/CVERecord?id=CVE-2022-21911 |
| PC Controller for DMSF-10 | ||
| PC Controller for DSF-2200 | ||
| PC Controller for DSF-6000 | ||
| PC Controller for DSC-10/60i | ||
| PC Controller for DDC-810 | ||
| PC Controller for DDC-8000 | ||
| PC Controller for DSM-1000 | ||
| PC Controller for DM-LU2 | ||
| Duplo GA - PC Controller | ||
| Other software | External Feed Controller | |
| DM JOB FILE TRANSFER | ||
| eTandem | ||
| Duplo + insight Connector |
〈MEASURE〉
On the computer used for Duplo product, please follow the steps as mentioned below to make sure the update.
Select [Start menu] > [Settings] > [Update & Security] > [Windows Update].
Or, select [Start menu] > [Settings] > [Windows Update].
After that, if the screen indicates “Your device is up to date”, the computer is up to date. If it does not indicate, please select [Check for updates] and follow the instructions on the screen to install the update program to the computer.
〈CONTACT〉
If you have any questions or concerns, please do not hesitate to contact our service personnel. We would appreciate it if you could contact us with the "Product information sheet File No. P3674".
Duplo Corporation
