Sharp MFPs Vulnerable to Out-of-bounds Read Attacks

CVE-2024-42420
7.5HIGH

Key Information

Vendor
Sharp Corporation
Status
Sharp Digital Full-color Mfps And Monochrome Mfps
E-studio 908
E-studio 1058
E-studio 1208
Vendor
CVE Published:
25 October 2024

Summary

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed.

Affected Version(s)

Sharp Digital Full-color MFPs and Monochrome MFPs = see the information provided by Sharp Corporation.

e-STUDIO 908 = T2.12.h3.00 and earlier versions

e-STUDIO 1058 = T1.01.h4.00 and earlier versions

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.