Toshiba Remote Command Program Vulnerability Allows Remote Code Execution
CVE-2024-27173

9.8CRITICAL

Key Information:

Vendor

Toshiba
Status
Toshiba Tec E-studio Multi-function Peripheral (mfp)
Vendor
CVE Published:
14 June 2024

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸฃ EPSS 45%

What is CVE-2024-27173?

A vulnerability in Toshiba Tec's Remote Command program allows for Remote Code Execution by enabling an attacker to overwrite existing Python files containing executable code. While this vulnerability can be executed alongside other existing vulnerabilities, its standalone execution is challenging, resulting in a lower individual severity score. Careful review and mitigation strategies are advised for systems utilizing this software to protect against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Toshiba Tec e-Studio multi-function peripheral (MFP) Linux see the reference URL

References

https://www.toshibatec.com/information/20240531_01.html
https://www.toshibatec.com/information/pdf/information202...
https://jvn.jp/en/vu/JVNVU97136265/index.html

EPSS Score

45% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

We expresses its gratitude to Pierre Barre for reporting relevant security vulnerabilities for our products.
JSON
.