CVE-2024-27155

Published: Jun 14, 2024Modified: Nov 21, 2024

7.7

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.5 / Impact: 5.2

Source: ecc0f906-8666-484c-bcf8-c3b7520a72f0 (Secondary)

Description

The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL.

Related CWEs

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (8)

http://seclists.org/fulldisclosure/2024/Jul/1

Source: ecc0f906-8666-484c-bcf8-c3b7520a72f0

https://jvn.jp/en/vu/JVNVU97136265/index.html

Source: ecc0f906-8666-484c-bcf8-c3b7520a72f0

https://www.toshibatec.com/information/20240531_01.html

Source: ecc0f906-8666-484c-bcf8-c3b7520a72f0

https://www.toshibatec.com/information/pdf/information20240531_01.pdf

Source: ecc0f906-8666-484c-bcf8-c3b7520a72f0

http://seclists.org/fulldisclosure/2024/Jul/1

Source: af854a3a-2127-422b-91ae-364da2661108

https://jvn.jp/en/vu/JVNVU97136265/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.toshibatec.com/information/20240531_01.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.toshibatec.com/information/pdf/information20240531_01.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.