Multiple vulnerabilities in Toshiba Tec MFPs



Risk High
Patch available YES
Number of vulnerabilities 43
CVE-ID CVE-2024-27170
CVE-2024-27156
CVE-2024-27157
CVE-2024-27166
CVE-2024-27179
CVE-2024-27158
CVE-2024-27159
CVE-2024-27160
CVE-2024-27161
CVE-2024-27168
CVE-2024-27164
CVE-2024-27178
CVE-2024-27162
CVE-2024-27163
CVE-2024-27165
CVE-2024-27169
CVE-2024-27172
CVE-2024-27175
CVE-2024-27180
CVE-2024-3496
CVE-2024-3497
CVE-2024-27154
CVE-2024-27177
CVE-2024-27150
CVE-2024-27141
CVE-2024-27142
CVE-2024-27143
CVE-2024-27146
CVE-2024-27147
CVE-2024-3498
CVE-2024-27148
CVE-2024-27149
CVE-2024-27151
CVE-2024-27176
CVE-2024-27152
CVE-2024-27153
CVE-2024-27155
CVE-2024-27167
CVE-2024-27171
CVE-2024-27144
CVE-2024-27145
CVE-2024-27173
CVE-2024-27174
CWE-ID CWE-798
CWE-532
CWE-256
CWE-1295
CWE-1392
CWE-259
CWE-22
CWE-79
CWE-319
CWE-272
CWE-306
CWE-78
CWE-73
CWE-367
CWE-288
CWE-276
CWE-776
CWE-250
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		e-STUDIO 2021AC FC-2021AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2521AC FC-2521AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2020AC FC-2020AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2520AC FC-2520AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2025NC FC-2025AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2525AC FC-2525AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3025AC FC-3025AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3525AC FC-3525AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3525ACG FC-3525ACG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4525AC FC-4525AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4525ACG FC-4525ACG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5525AC FC-5525AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5525ACG FC-5525ACG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6525AC FC-6525AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6525ACG FC-6525ACG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2528A DP-2528A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3028A DP-3028A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3528A DP-3528A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3528AG DP-3528AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4528A DP-4528A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4528AG DP-4528AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5528A DP-5528A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6528A DP-6528A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6526AC FC-6526AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6527AC FC-6527AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 7527AC FC-7527AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6529A DP-6529A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 7529A DP-7529A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 9029A DP-9029A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 330AC FC-330AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 400AC FC-400AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2010AC FC-2010AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2110AC FC-2110AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2510AC FC-2510AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2610AC FC-2610AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2015NC FC-2015AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2515AC FC-2515AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2615AC FC-2615AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3015AC FC-3015AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3115AC FC-3115AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3515AC FC-3515AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3615AC FC-3615AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4515AC FC-4515AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4615AC FC-4615AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5015AC FC-5015AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5115AC FC-5115AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2018A DP-2018A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2518A DP-2518A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2618A DP-2618A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3018A DP-3018A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3118A DP-3118A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3018AG DP-3018AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3518A DP-3518A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3518AG DP-3518AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3618A DP-3618A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3618AG DP-3618AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4518A DP-4518A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4518AG DP-4518AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4618A DP-4618A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4618AG DP-4618AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5018A DP-5018A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5118A DP-5118A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5516AC FC-5516AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5616AC FC-5616AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6516AC FC-6516AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6616AC FC-6616AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 7516AC FC-7516AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 7616AC FC-7616AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5518A DP-5518A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5618A DP-5618A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6518A DP-6518A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6618A DP-6618A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 7518A DP-7518A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 7618A DP-7618A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 8518A DP-8518A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 8618A DP-8618A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2000AC FC-2000AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2500AC FC-2500AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2005NC FC-2005AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2505AC FC-2005AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3005AC FC-2005AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3505AC FC-2005AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4505AC FC-2005AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5005AC FC-2005AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2008A DP-2008A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 2508A DP-2508A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3008A DP-3008A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3008AG DP-3008AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3508A DP-3508A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3508AG DP-3508AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4508A DP-4508A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4508AG DP-4508AG
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5008A DP-5008A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5506AC FC-5506AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6506AC FC-6506AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 7506AC FC-7506AC
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5508A DP-5508A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 6508A DP-6508A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 7508A DP-7508A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 8508A DP-8508A
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 3508LP DP-3535
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 4508LP DP-4535
Hardware solutions / Office equipment, IP-phones, print servers

e-STUDIO 5008LP DP-5035
Hardware solutions / Office equipment, IP-phones, print servers

Vendor Toshiba

Security Bulletin

This security bulletin contains information about 43 vulnerabilities.

1) Use of hard-coded credentials

EUVDB-ID: #VU92407

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27170

CWE-ID: CWE-798 - Use of Hard-coded Credentials

Exploit availability: No

Description

The vulnerability allows a local attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application code. A local attacker can decrypt the encrypted files using the hardcoded key.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU92286

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27156

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to sensitive information.

The vulnerability exists due to software stores sensitive information into log files. A local attacker can read the log files and gain access to sensitive data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU92287

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27157

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to sensitive information.

The vulnerability exists due to software stores sensitive information into log files. A local attacker can read the log files and gain access to sensitive data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Unprotected storage of credentials

EUVDB-ID: #VU92288

Risk: Low

CVSSv3.1: 4.5 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27166

CWE-ID: CWE-256 - Unprotected Storage of Credentials

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to other users' credentials.

The vulnerability exists due to application stored credentials in plain text in a configuration file on the system. A local attacker can view contents of the configuration file and gain access to passwords for 3rd party integration.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Debug Messages Revealing Unnecessary Information

EUVDB-ID: #VU92289

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27179

CWE-ID: CWE-1295 - Debug Messages Revealing Unnecessary Information

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to admin cookies are written in clear-text in logs. A local user can retrieve them and bypass the authentication mechanism.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use of default credentials

EUVDB-ID: #VU92384

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27158

CWE-ID: CWE-1392 - Use of Default Credentials

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to usage of default administrative credentials. A remote attacker can use default credentials to compromise the affected device.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use of hard-coded credentials

EUVDB-ID: #VU92386

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27159

CWE-ID: CWE-798 - Use of Hard-coded Credentials

Exploit availability: No

Description

The vulnerability allows a local attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application code. A local attacker can decrypt the encrypted files using the hardcoded key.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use of hard-coded credentials

EUVDB-ID: #VU92388

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27160

CWE-ID: CWE-798 - Use of Hard-coded Credentials

Exploit availability: No

Description

The vulnerability allows a local attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application code. A local attacker can decrypt the encrypted files using the hardcoded key.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use of hard-coded credentials

EUVDB-ID: #VU92391

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27161

CWE-ID: CWE-798 - Use of Hard-coded Credentials

Exploit availability: No

Description

The vulnerability allows a local attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application code. A local attacker can decrypt the encrypted files using the hardcoded key.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use of hard-coded credentials

EUVDB-ID: #VU92403

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27168

CWE-ID: CWE-798 - Use of Hard-coded Credentials

Exploit availability: No

Description

The vulnerability allows a local attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application code. A local attacker can decrypt the encrypted files using the hardcoded key.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use of Hard-coded Password

EUVDB-ID: #VU92474

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27164

CWE-ID: CWE-259 - Use of Hard-coded Password

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to use a hard-coded password. A local attacker can gain access to sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Path traversal

EUVDB-ID: #VU92279

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27178

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Cross-site scripting

EUVDB-ID: #VU92479

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27162

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Cleartext transmission of sensitive information

EUVDB-ID: #VU92483

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27163

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker can gain access to sensitive data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Least Privilege Violation

EUVDB-ID: #VU92485

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27165

CWE-ID: CWE-272 - Least Privilege Violation

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code on the system.

The vulnerability exists due to least privilege violation. A local user can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Missing Authentication for Critical Function

EUVDB-ID: #VU92488

Risk: Low

CVSSv3.1: 7.3 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27169

CWE-ID: CWE-306 - Missing Authentication for Critical Function

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to missing authentication for critical function. A local attacker can bypass authentication process and access the administrative interface.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) OS Command Injection

EUVDB-ID: #VU92495

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27172

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) External Control of File Name or Path

EUVDB-ID: #VU92498

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27175

CWE-ID: CWE-73 - External Control of File Name or Path

Exploit availability: No

Description

The vulnerability allows a remote attacker to read arbitrary files.

The vulnerability exists due to application allows an attacker to control path of the files to read. A remote attacker can send a specially crafted HTTP request and read any file on the printer.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Time-of-check Time-of-use (TOCTOU) Race Condition

EUVDB-ID: #VU92499

Risk: Medium

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27180

CWE-ID: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to a time-of-check, time-of-use (TOCTOU) race condition. A local attacker can cause a race condition and alter the information

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Authentication bypass using an alternate path or channel

EUVDB-ID: #VU92534

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-3496

CWE-ID: CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to authentication bypass using an alternate path or channel. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Path traversal

EUVDB-ID: #VU92549

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-3497

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU92285

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27154

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to sensitive information.

The vulnerability exists due to software stores sensitive information into log files. A local attacker can read the log files and gain access to sensitive data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Path traversal

EUVDB-ID: #VU92278

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27177

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Incorrect default permissions

EUVDB-ID: #VU92266

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27150

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) XML Entity Expansion

EUVDB-ID: #VU92254

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27141

CWE-ID: CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial o service (DoS) attack.

The vulnerability exists due to improper restrictions on XML entities. A remote attacker can send a specially crafted HTTP request and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) XML Entity Expansion

EUVDB-ID: #VU92255

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27142

CWE-ID: CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial o service (DoS) attack.

The vulnerability exists due to improper restrictions on XML entities. A remote attacker can send a specially crafted HTTP request and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Execution with unnecessary privileges

EUVDB-ID: #VU92257

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27143

CWE-ID: CWE-250 - Execution with Unnecessary Privileges

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to application does not properly impose security restrictions. A remote attacker can execute arbitrary code on the system with root privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Execution with unnecessary privileges

EUVDB-ID: #VU92258

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27146

CWE-ID: CWE-250 - Execution with Unnecessary Privileges

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to application does not properly impose security restrictions. A remote attacker can execute arbitrary code on the system with root privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Execution with unnecessary privileges

EUVDB-ID: #VU92259

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27147

CWE-ID: CWE-250 - Execution with Unnecessary Privileges

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to application does not properly impose security restrictions. A remote attacker can execute arbitrary code on the system with root privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Execution with unnecessary privileges

EUVDB-ID: #VU92261

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-3498

CWE-ID: CWE-250 - Execution with Unnecessary Privileges

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to application does not properly impose security restrictions. A remote attacker can execute arbitrary code on the system with root privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Incorrect default permissions

EUVDB-ID: #VU92264

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27148

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Incorrect default permissions

EUVDB-ID: #VU92265

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27149

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Incorrect default permissions

EUVDB-ID: #VU92267

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27151

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Path traversal

EUVDB-ID: #VU92277

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27176

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Incorrect default permissions

EUVDB-ID: #VU92268

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27152

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Incorrect default permissions

EUVDB-ID: #VU92269

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27153

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Incorrect default permissions

EUVDB-ID: #VU92270

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27155

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Incorrect default permissions

EUVDB-ID: #VU92271

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27167

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Incorrect default permissions

EUVDB-ID: #VU92272

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27171

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A local attacker can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Path traversal

EUVDB-ID: #VU92273

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27144

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Path traversal

EUVDB-ID: #VU92274

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27145

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Path traversal

EUVDB-ID: #VU92275

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27173

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Path traversal

EUVDB-ID: #VU92276

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27174

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

e-STUDIO 2021AC FC-2021AC: All versions

e-STUDIO 2521AC FC-2521AC: All versions

e-STUDIO 2020AC FC-2020AC: All versions

e-STUDIO 2520AC FC-2520AC: All versions

e-STUDIO 2025NC FC-2025AC: All versions

e-STUDIO 2525AC FC-2525AC: All versions

e-STUDIO 3025AC FC-3025AC: All versions

e-STUDIO 3525AC FC-3525AC: All versions

e-STUDIO 3525ACG FC-3525ACG: All versions

e-STUDIO 4525AC FC-4525AC: All versions

e-STUDIO 4525ACG FC-4525ACG: All versions

e-STUDIO 5525AC FC-5525AC: All versions

e-STUDIO 5525ACG FC-5525ACG: All versions

e-STUDIO 6525AC FC-6525AC: All versions

e-STUDIO 6525ACG FC-6525ACG: All versions

e-STUDIO 2528A DP-2528A: All versions

e-STUDIO 3028A DP-3028A: All versions

e-STUDIO 3528A DP-3528A: All versions

e-STUDIO 3528AG DP-3528AG: All versions

e-STUDIO 4528A DP-4528A: All versions

e-STUDIO 4528AG DP-4528AG: All versions

e-STUDIO 5528A DP-5528A: All versions

e-STUDIO 6528A DP-6528A: All versions

e-STUDIO 6526AC FC-6526AC: All versions

e-STUDIO 6527AC FC-6527AC: All versions

e-STUDIO 7527AC FC-7527AC: All versions

e-STUDIO 6529A DP-6529A: All versions

e-STUDIO 7529A DP-7529A: All versions

e-STUDIO 9029A DP-9029A: All versions

e-STUDIO 330AC FC-330AC: All versions

e-STUDIO 400AC FC-400AC: All versions

e-STUDIO 2010AC FC-2010AC: All versions

e-STUDIO 2110AC FC-2110AC: All versions

e-STUDIO 2510AC FC-2510AC: All versions

e-STUDIO 2610AC FC-2610AC: All versions

e-STUDIO 2015NC FC-2015AC: All versions

e-STUDIO 2515AC FC-2515AC: All versions

e-STUDIO 2615AC FC-2615AC: All versions

e-STUDIO 3015AC FC-3015AC: All versions

e-STUDIO 3115AC FC-3115AC: All versions

e-STUDIO 3515AC FC-3515AC: All versions

e-STUDIO 3615AC FC-3615AC: All versions

e-STUDIO 4515AC FC-4515AC: All versions

e-STUDIO 4615AC FC-4615AC: All versions

e-STUDIO 5015AC FC-5015AC: All versions

e-STUDIO 5115AC FC-5115AC: All versions

e-STUDIO 2018A DP-2018A: All versions

e-STUDIO 2518A DP-2518A: All versions

e-STUDIO 2618A DP-2618A: All versions

e-STUDIO 3018A DP-3018A: All versions

e-STUDIO 3118A DP-3118A: All versions

e-STUDIO 3018AG DP-3018AG: All versions

e-STUDIO 3518A DP-3518A: All versions

e-STUDIO 3518AG DP-3518AG: All versions

e-STUDIO 3618A DP-3618A: All versions

e-STUDIO 3618AG DP-3618AG: All versions

e-STUDIO 4518A DP-4518A: All versions

e-STUDIO 4518AG DP-4518AG: All versions

e-STUDIO 4618A DP-4618A: All versions

e-STUDIO 4618AG DP-4618AG: All versions

e-STUDIO 5018A DP-5018A: All versions

e-STUDIO 5118A DP-5118A: All versions

e-STUDIO 5516AC FC-5516AC: All versions

e-STUDIO 5616AC FC-5616AC: All versions

e-STUDIO 6516AC FC-6516AC: All versions

e-STUDIO 6616AC FC-6616AC: All versions

e-STUDIO 7516AC FC-7516AC: All versions

e-STUDIO 7616AC FC-7616AC: All versions

e-STUDIO 5518A DP-5518A: All versions

e-STUDIO 5618A DP-5618A: All versions

e-STUDIO 6518A DP-6518A: All versions

e-STUDIO 6618A DP-6618A: All versions

e-STUDIO 7518A DP-7518A: All versions

e-STUDIO 7618A DP-7618A: All versions

e-STUDIO 8518A DP-8518A: All versions

e-STUDIO 8618A DP-8618A: All versions

e-STUDIO 2000AC FC-2000AC: All versions

e-STUDIO 2500AC FC-2500AC: All versions

e-STUDIO 2005NC FC-2005AC: All versions

e-STUDIO 2505AC FC-2005AC: All versions

e-STUDIO 3005AC FC-2005AC: All versions

e-STUDIO 3505AC FC-2005AC: All versions

e-STUDIO 4505AC FC-2005AC: All versions

e-STUDIO 5005AC FC-2005AC: All versions

e-STUDIO 2008A DP-2008A: All versions

e-STUDIO 2508A DP-2508A: All versions

e-STUDIO 3008A DP-3008A: All versions

e-STUDIO 3008AG DP-3008AG: All versions

e-STUDIO 3508A DP-3508A: All versions

e-STUDIO 3508AG DP-3508AG: All versions

e-STUDIO 4508A DP-4508A: All versions

e-STUDIO 4508AG DP-4508AG: All versions

e-STUDIO 5008A DP-5008A: All versions

e-STUDIO 5506AC FC-5506AC: All versions

e-STUDIO 6506AC FC-6506AC: All versions

e-STUDIO 7506AC FC-7506AC: All versions

e-STUDIO 5508A DP-5508A: All versions

e-STUDIO 6508A DP-6508A: All versions

e-STUDIO 7508A DP-7508A: All versions

e-STUDIO 8508A DP-8508A: All versions

e-STUDIO 3508LP DP-3535: All versions

e-STUDIO 4508LP DP-4535: All versions

e-STUDIO 5008LP DP-5035: All versions

CPE2.3 External links

http://jvn.jp/en/vu/JVNVU97136265/index.html
http://www.toshibatec.com/information/20240531_01.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###