JVNVU#93051062
Multiple vulnerabilities in Sharp and Toshiba Tec MFPs

Overview

Sharp and Toshiba Tec MFPs (multifunction printers) contain multiple vulnerabilities.

Products Affected

As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed below.

• Sharp Corporation
• Toshiba Tec Corporation

Description

Sharp and Toshiba Tec MFPs (multifunction printers) contain multiple vulnerabilities listed below.

• Stack-based Buffer Overflow (CWE-121)
  • CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Base Score:9.0
  • CVE-2024-28038
• Incorrect Permission Assignment for Critical Resource (CWE-732)
  • CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score:5.9
  • CVE-2024-28955
• Cleartext Storage of Sensitive Information (CWE-312)
  • CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score:5.9
  • CVE-2024-29146
• Plaintext Storage of a Password (CWE-256)
  • CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score:5.9
  • CVE-2024-29978
• Storing Passwords in a Recoverable Format (CWE-257)
  • CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score:5.9
  • CVE-2024-32151
• Path Traversal (CWE-22)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score:7.5
  • CVE-2024-33605
• Improper Access Control (CWE-284)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Base Score:9.1
  • CVE-2024-33610
• Improper Access Control (CWE-284)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score:5.3
  • CVE-2024-33616
• Access to Critical Private Variable via Public Method (CWE-767)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score:5.3
  • CVE-2024-34162
• Use of Hard-coded Credentials (CWE-798)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Base Score:9.1
  • CVE-2024-35244
• Use of Hard-coded Credentials (CWE-798)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Base Score:9.1
  • CVE-2024-36248
• Cross-site Scripting (CWE-79)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N Base Score:7.4
  • CVE-2024-36249
• Out-of-bounds Read (CWE-125)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Base Score:7.5
  • CVE-2024-36251
• Out-of-bounds Read (CWE-125)
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Base Score:7.5
  • CVE-2024-36254

Impact

• Sending a specially crafted request to the administrative page of the affected MFPs may lead to a denial-of-service (DoS) condition
• Arbitrary files in the affected MFPs may be viewed, and as a result, information in the program may be obtained
• Some of the information in the affected MFPs may be accessed without appropriate privileges
• Arbitrary scripts may be executed on the administrative page of the affected MFPs
• Arbitrary code may be executed on the affected MFPs firmware

For more information, refer to the information provided by the respective vendors.

Solution

Update the firmware
Apply the appropriate firmware update according to the information provided by the respective vendors.

Apply workaround
Applying the following workarounds may mitigate the impacts of these vulnerabilities.

 

• Use the MFPs in the protected network such as with firewalls and/or routers
• Restrict the access to the web pages of the MFPs by setting appropriate passwords (*1)
• Change the factory-shipped initial passwords, and manage them appropriately

(*1) This function is enabled in the MFPs sold in Japan, however, it is disabled in the MFPs sold in other countries

For the details of the updates and workarounds, refer to the information provided by the respective vendors from [Vendor Status] section.