Toshiba Printers Vulnerable to Local Privilege Escalation Attack
CVE-2024-27150

7.4HIGH

Key Information:

Vendor: Toshiba
Status: Toshiba Tec E-studio Multi-function Peripheral (mfp)
Vendor: CVE Published:; 14 June 2024

Summary

Toshiba printers are subjected to a Local Privilege Escalation vulnerability that could allow unauthorized remote access. This flaw grants attackers the potential to elevate their privileges on the device, enabling them to execute arbitrary code or alter printer configurations. Such vulnerabilities emphasize the critical need for security updates and awareness among users to mitigate risks associated with unauthorized access and data breaches. Affected users should monitor for updates and implement security best practices to safeguard their printing environments.

Affected Version(s)

Toshiba Tec e-Studio multi-function peripheral (MFP) Linux see the reference URL

References

https://www.toshibatec.com/information/20240531_01.html

https://www.toshibatec.com/information/pdf/information202...

https://jvn.jp/en/vu/JVNVU97136265/index.html

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 14, 2024
Vulnerability Reserved
Feb 21, 2024

Credit

We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products.