Sharp MFPs Exposed to Authentication Bypass Vulnerability
CVE-2024-47406

9.8CRITICAL

Key Information:

Vendor
Sharp Corporation
Status
Sharp Digital Full-color Mfps And Monochrome Mfps
E-studio 908
E-studio 1058
E-studio 1208
Vendor
CVE Published:
25 October 2024

Summary

Sharp and Toshiba Tec multifunction printers exhibit vulnerabilities in the processing of HTTP authentication requests, allowing attackers to bypass authentication mechanisms. This flaw could enable unauthorized access to restricted functionalities, potentially compromising sensitive information and printer operations. Users are advised to review their device configurations and apply any available security patches to mitigate risks associated with this vulnerability.

Affected Version(s)

e-STUDIO 1058 T1.01.h4.00 and earlier versions

e-STUDIO 1208 T1.01.h4.00 and earlier versions

e-STUDIO 908 T2.12.h3.00 and earlier versions

References

https://jvn.jp/en/vu/JVNVU95063136/
https://global.sharp/products/copier/info/info_security_2...
https://www.toshibatec.com/information/20241025_01.html

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-47406 : Sharp MFPs Exposed to Authentication Bypass Vulnerability | SecurityVulnerability.io