Description

Toshiba printers provides API without authentication for internal access. A local attacker can bypass authentication in applications, providing administrative access. As for the affected productsmodelsversions, see the reference URL.

Classification

Assigner: ecc0f906-8666-484c-bcf8-c3b7520a72f0

CWE: CWE-306

Links
CPEs
  • toshiba printer -

CVSS

CVSS version: 3.1 Base score: 8.4
Base severity: HIGH Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability score: 2.5 Impact score: 5.9

Can you explain the CVE description?

This CVE description is for a vulnerability identified as CVE-2024-27169. The vulnerability exists in Toshiba printers that provide an API without authentication for internal access. This allows a local attacker to bypass authentication in applications, gaining administrative access. The CVSS score for this vulnerability is 8.4, indicating a high severity level. The vulnerability is associated with CWE-306, which is a category related to missing authentication for critical function. The vendor and product information is not specified in the description. The vulnerability was published on June 14, 2024, and is currently in the EARLY_WARNING status. The description includes links to additional resources for reference and further information on the vulnerability. The CVSS vector for this vulnerability is AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating that the vulnerability has low access complexity, no required privileges, no user interaction, scope unchanged, high confidentiality impact, high integrity impact, and high availability impact. The exploitability score is 2.5 and the impact score is 5.9. The assigner of this CVE is identified as ecc0f906-8666-484c-bcf8-c3b7520a72f0.

How can this vulnerability be part of an attack tree?

This vulnerability can be part of an attack tree by being used as a stepping stone for a larger attack on the network. A threat actor could exploit the lack of authentication in Toshiba printers API to gain administrative access to the printers. From there, they could potentially pivot to other systems on the network, escalate their privileges, and carry out further malicious activities such as exfiltrating sensitive data or disrupting operations. By compromising the printers, the attacker could establish a foothold in the network and use it as a launching point for a more extensive attack.


Generated on: 2024-07-05