https://www.toshibatec.com/information/20240531_01.html <br/></td> CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"/>https://www.toshibatec.com/information/20240531_01.html <br/></td> CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"/>

Exploit
CVE-2024-3496

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Jun 14, 2024 / Updated: 5mo ago

010
CVSS 8.8EPSS 0.05%High
CVE info copied to clipboard

Summary

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Toshiba e-STUDIO2518A printers. The specific flaw exists within the authentication mechanism due to improper session management. An attacker can leverage this vulnerability to bypass authentication on the system without requiring any user interaction. The vulnerability has been assigned a CVSS v3 base score of 8.8, which is considered HIGH severity.

Impact

The impact of this vulnerability is severe. Successful exploitation could lead to unauthorized access to the affected Toshiba e-STUDIO2518A printers. With the ability to bypass authentication, an attacker could potentially: 1. Gain full control over the printer's functions 2. Access and potentially exfiltrate sensitive documents or information stored on or passing through the printer 3. Use the compromised printer as a pivot point for further network attacks 4. Modify printer settings or firmware, potentially leading to service disruption or additional security compromises The CVSS score indicates HIGH impacts on confidentiality, integrity, and availability, underscoring the seriousness of this vulnerability.

Exploitation

One proof-of-concept exploit is available on zerodayinitiative.com. There is no evidence of proof of exploitation at the moment.

Patch

Toshiba has issued an update to correct this vulnerability. The security team should prioritize applying this patch to all affected Toshiba e-STUDIO2518A printers in the organization. More details about the patch can be found at: https://www.toshibatec.com/information/20240531_01.html

Mitigation

While patching is the primary mitigation, the security team should also consider the following steps: 1. Immediately identify and inventory all Toshiba e-STUDIO2518A printers in the network. 2. Apply the vendor-provided patch as soon as possible to all affected devices. 3. If immediate patching is not possible, consider temporarily isolating affected printers from the network or restricting network access to these devices to only trusted IP addresses. 4. Implement network segmentation to limit the potential impact of a compromised printer. 5. Monitor printer logs and network traffic for any suspicious activities that might indicate exploitation attempts. 6. Ensure that printer firmware and software are regularly updated as part of ongoing security maintenance. 7. Educate users about the risks associated with network-connected printers and the importance of reporting any unusual printer behavior.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-3496. See article

Jun 14, 2024 at 3:20 AM / <object object at 0x7e3db861e530>
CVE Assignment

NVD published the first details for CVE-2024-3496

Jun 14, 2024 at 5:15 AM
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Jun 14, 2024 at 5:24 AM
EPSS

EPSS Score was set to: 0.05% (Percentile: 15.5%)

Jun 14, 2024 at 10:05 AM
Static CVE Timeline Graph

Affected Systems

Toshiba
+null more

Exploits

https://www.zerodayinitiative.com/advisories/ZDI-24-813/
+null more

Links to Mitre Att&cks

T1083: File and Directory Discovery
+null more

Attack Patterns

CAPEC-127: Directory Indexing
+null more

Vendor Advisory

ZDI-24-813: Toshiba e-STUDIO2518A Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Toshiba e-STUDIO2518A printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-3496.

News

Multiple vulnerabilities in Toshiba Tec MFPs
Security Bulletin 19 June 2024 - Cyber Security Agency of Singapore
Security Bulletin 19 June 2024 Cyber Security Agency of Singapore
ZDI-24-813: Toshiba e-STUDIO2518A Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Toshiba e-STUDIO2518A printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-3496.
Toshiba Tec Identifies More MFP Vulnerabilities
A vulnerable code set is used in part of the internal program code of the multifunction device, and information can be stolen by a third party who has access to the multifunction device. There is a cross-site scripting vulnerability in the web management program (TopAccess), which allows information to be stolen by a third party who has access to the multifunction device.
Understanding CVE-2024-3496: A Critical Security Vulnerability in Printer Web Login Systems
Understanding CVE-2024-3496: A Critical Security Vulnerability in Printer Web Login Systems About CVE-2024-3496: This vulnerability allows attackers to bypass the web login authentication process on certain printers.
See 8 more articles and social media posts

CVSS V3.1

Attack Vector:Adjacent_network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI