CVE-2024-27151
Local Privilege Escalation and Remote Code Execution using insecure permissions
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL.
Las impresoras Toshiba son vulnerables a una vulnerabilidad de escalada de privilegios local. Un atacante puede comprometer de forma remota cualquier impresora Toshiba. Los programas pueden ser reemplazados por programas maliciosos por cualquier atacante local o remoto. En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia.
103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-02-21 CVE Reserved
- 2024-06-14 CVE Published
- 2024-06-14 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-276: Incorrect Default Permissions
CAPEC
- CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels
References (4)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Toshiba Tec Corporation Search vendor "Toshiba Tec Corporation" | Toshiba Tec E-Studio Multi-function Peripheral (MFP) Search vendor "Toshiba Tec Corporation" for product "Toshiba Tec E-Studio Multi-function Peripheral (MFP)" | * | en |
Affected
| ||||||