Information from Toshiba Tec Corporation
Vulnerability ID:JVNVU#91819309
Title:Multiple Brother driver installers for Windows vulnerable to privilege escalation
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
Response to vulnerability in the Windows Application installed in some Toshiba Tec’s digital multi-function peripherals
https://www.toshibatec.com/information/20250625_01.html
A vulnerability has been identified in the Windows application of some of our multi-function peripheral. This issue does not result in the leakage of information from the product to outside parties.
Target Products :e-STUDIO 300D/ 301DN/ 302DNF (These products have been sold only in the Chinese market.)
Affected products and versions
The following versions of the Windows software for the e-STUDIO300D, e-STUDIO301DN, and e-STUDIO302DNF.
CD Installer: Versions earlier than G031 (excluding G031)
BRAdmin Light: Versions earlier than G031 (excluding G031)
PnP Driver Uninstall Tool: Versions earlier than G031 (excluding G031)
Countermeasure
Ask your service company to update the software.
