Sharp and Toshiba MFPs Vulnerable to DoS Attack
CVE-2024-36254

7.5HIGH

Key Information:

Vendor: Sharp Corporation
Status: Multiple Mfps (multifunction Printers)
Vendor: CVE Published:; 26 November 2024

🔔 Create Sharp Corporation Vulnerability Alert

What is CVE-2024-36254?

An out-of-bounds read vulnerability has been identified in multifunction printers produced by Sharp Corporation and Toshiba Tec Corporation. This security flaw could allow an attacker to access unintended areas of memory, potentially leading to instability and disruptions in service, commonly resulting in a denial-of-service (DoS) condition. Organizations utilizing these affected multifunction printers are advised to review vendor advisories and apply relevant security measures to mitigate any associated risks.

Affected Version(s)

Multiple MFPs (multifunction printers) See the information provided by Sharp Corporation listed under [References]

Multiple MFPs (multifunction printers) See the information provided by Toshiba Tec Corporation listed under [References]

References

https://global.sharp/products/copier/info/info_security_2...

https://jp.sharp/business/print/information/info_security...

https://www.toshibatec.com/information/20240531_02.html

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 26, 2024
Vulnerability Reserved
May 22, 2024