Description

The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the Base Score of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https:www.toshibatec.comcontactsproducts As for the affected productsmodelsversions, see the reference URL.

Classification

Assigner: ecc0f906-8666-484c-bcf8-c3b7520a72f0

CWE: CWE-22

Links
CPEs
  • toshiba printer

CVSS

CVSS version: 3.1 Base score: 9.8
Base severity: CRITICAL Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability score: 3.9 Impact score: 5.9

Can you explain the CVE description?

This Common Vulnerabilities and Exposures (CVE) description is for a vulnerability identified as CVE-2024-27145. The vulnerability affects Toshiba printers and allows an attacker to remotely compromise any Toshiba printer by uploading files using the admin web interface. The attacker can overwrite insecure files on the printer. The vulnerability has a CVSS (Common Vulnerability Scoring System) score of 9.8, indicating a critical severity level. However, the description notes that the vulnerability is difficult to execute alone and may require exploitation in combination with other vulnerabilities. As a result, the CVSS score for this vulnerability alone is lower than the base score listed. The CVE description provides links to additional resources for more information on the vulnerability, including the Japan Vulnerability Notes (JVN) website and Toshibas official information page. The vulnerability is classified as EARLY_WARNING, indicating that it has been recently discovered and may still be actively exploited. The CVSS vector for this vulnerability is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating that the vulnerability can be exploited remotely with no authentication required, leading to high confidentiality, integrity, and availability impacts. The CWE (Common Weakness Enumeration) associated with this vulnerability is CWE-22, which relates to improper limitation of a path name to a restricted directory. Overall, this CVE description highlights a critical vulnerability in Toshiba printers that could be exploited by attackers to compromise the devices remotely.

How can this vulnerability be part of an attack tree?

This vulnerability can be part of an attack tree by being used as a stepping stone for a larger attack on a network or organization. For example, an attacker could exploit this vulnerability to gain unauthorized access to a Toshiba printer and then use that access to move laterally within the network, escalate privileges, exfiltrate sensitive data, or launch further attacks on other systems or devices connected to the network. By chaining this vulnerability with other vulnerabilities or attack techniques, an attacker could potentially cause significant harm to the target organization.


Generated on: 2024-07-05