Authentication Bypass Vulnerability in TOSHIBA TEC e-Studio Multi-Function Devices
CVE-2012-1239

Currently unrated

Key Information:

Vendor

Toshiba
Status
E-studio-tf-182 With Network Printer Kit Firmware
E-studio-352 Firmware
E-studio-4520c
E-studio-355 Firmware
Vendor
CVE Published:
6 April 2012

What is CVE-2012-1239?

The web-based management interface of TOSHIBA TEC e-Studio multi-function peripherals is susceptible to an authentication bypass flaw. This vulnerability allows remote attackers to gain unauthorized administrative access. The affected devices include multiple firmware versions within the 30x, 35x, and 4xx series. Exploitation of this flaw could enable attackers to manipulate device settings and access confidential information without proper authentication.

References

http://jvn.jp/en/jp/JVN92830293/index.html
third-party-advisoryx_refsource_JVN
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000028
third-party-advisoryx_refsource_JVNDB
http://www.toshibatec.co.jp/information/2012/20120405/
x_refsource_CONFIRM

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.