CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-27151
Local Privilege Escalation and Remote Code Execution using insecure permissions
Description: The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL.

CVSS: HIGH (7.4)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27150
Local Privilege Escalation and Remote Code Execution using insecure LD_LIBRARY_PATH
Description: The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.

CVSS: HIGH (7.4)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27149
Local Privilege Escalation and Remote Code Execution using insecure LD_PRELOAD
Description: The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.

CVSS: HIGH (7.4)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27148
Local Privilege Escalation and Remote Code Execution using insecure PATH
Description: The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.

CVSS: HIGH (7.4)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27147
Local Privilege Escalation and Remote Code Execution using snmpd
Description: The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.

CVSS: HIGH (7.4)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27146
Lack of privileges separation
Description: The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL.

CVSS: MEDIUM (6.7)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27145
Multiple Post-authenticated Remote Code Execution
Description: The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https://www.toshibatec.com/contacts/products/ As for the affected products/models/versions, see the reference URL.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27144
Pre-authenticated Remote Code Execution
Description: The Toshiba printers provide several ways to upload files using the web interface without authentication. An attacker can overwrite any insecure files. And the Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https://www.toshibatec.com/contacts/products/ As for the affected products/models/versions, see the reference URL.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27143
Pre-authenticated Remote Code Execution
Description: Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https://www.toshibatec.com/contacts/products/ As for the affected products/models/versions, see the reference URL.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-27142
Pre-authenticated XXE injection
Description: Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers. An attacker can exploit the XXE to retrieve information. As for the affected products/models/versions, see the reference URL.

CVSS: MEDIUM (5.9)

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)