Description

It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected productsmodelsversions, see the reference URL.

Classification

Assigner: ecc0f906-8666-484c-bcf8-c3b7520a72f0

CWE: CWE-798

Links
CPEs
  • toshiba printer

CVSS

CVSS version: 3.1 Base score: 7.4
Base severity: HIGH Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability score: 1.4 Impact score: 5.9

Can you explain the CVE description?

This CVE description pertains to a vulnerability identified as CVE-2024-27170, which has a CVSS base score of 7.4, indicating a high severity level. The vulnerability affects all Toshiba printers, as they contain credentials for WebDAV access stored in a readable file. This flaw allows an attacker to gain full access to the printer via WebDAV. The vulnerability was published on June 14, 2024, and is classified as an EARLY_WARNING issue. The CWE associated with this vulnerability is CWE-798. The description provides reference URLs for further information on the vulnerability and affected products. The exploitability score for this vulnerability is 1.4, while the impact score is 5.9. The CVSS vector for this vulnerability is AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating that the vulnerability can be exploited locally with high access complexity and has a high impact on confidentiality, integrity, and availability. It is important for users of Toshiba printers to take immediate action to mitigate this vulnerability to prevent unauthorized access to their devices.

How can this vulnerability be part of an attack tree?

This vulnerability can be part of an attack tree by following these steps: 1. Attacker identifies a target Toshiba printer that is vulnerable to CVE-2024-27170, which allows for unauthorized access via WebDAV due to hardcoded credentials. 2. Attacker gains access to the readable file containing the credentials used for WebDAV access on the printer. 3. Attacker uses the obtained credentials to gain full access to the printer through WebDAV. 4. Once access is gained, the attacker can potentially perform malicious actions such as uploading malware, stealing sensitive information, or disrupting printer operations. 5. The attacker may also use the compromised printer as a foothold to further infiltrate the network, escalate privileges, or launch additional attacks on other devices or systems within the network. By exploiting this vulnerability in the Toshiba printer, the attacker can potentially cause significant harm to the affected organizations network and operations.


Generated on: 2024-07-05