CVE-2024-27164

Summary

Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see the reference URL.

Affected Software

VendorProductVersion RangeStatus
Toshiba Tec CorporationToshiba Tec e-Studio multi-function peripheral (MFP)see the reference URLaffected

Weaknesses

  • CWE-259: CWE-259 Use of Hard-coded Password

Workarounds

When connecting the MFPs and printers with an outer network such as the Internet, only operate it in a network environment protected by a firewall, etc. to prevent information from being leaked due to incorrect settings or avoid illegal access by unauthorized users.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References