Synapse Mobility Vulnerability Notification

August 19, 2025

Application: Fujifilm Synapse Mobility versions prior to 8.2

We have become aware of a vulnerability in Fujifilm’s Synapse Mobility application for versions 8.0, 8.0.1, 8.0.2, 8.1, 8.1.1. (It does not apply to versions 8.2 or 9.0). This vulnerability allows an escalation of privileges and requires authenticated user interaction. The result of exercising this vulnerability would allow use of the search function to provide results beyond the intended design of role-based access controls.

Mitigation Options:

• It is recommended to upgrade to the latest version of the product or any version from 8.2 onwards to resolve this issue.
• There is an immediate mitigation available of disabling the search function in the configurator settings. Access to the search function for all users can also be removed by unchecking the “Allow plain text accession number” check box in the security section of the admin interface. This will limit the site to use of the product only via the SecureURL feature.
• Patches have been released which will remediate the vulnerability for software versions 8.0 – 8.1.1.

If needed, please call the Technical Assistance Center for assistance at (800) 272-8465 or 1-888-FUJIMED. For international requests or U.S. backup technical support, please call (203) 602-3580.

For purposes of data privacy and security, it is important to install software updates and patches before end-of-support dates. Continued use of any software after its end-of-support date increases the risk to the security of the system.

Again, we strongly encourage you to update your Synapse mobility application to the latest available version if they are past their end-of support date. A current description of Synapse Mobility versions and their support lifecycle dates is available on page 24 of the Synapse Mobility 9.0.0 Product Release Notes, available in our customer portal.