#VU92391 Use of hard-coded credentials in Toshiba products - CVE-2024-27161
Published: June 20, 2024
Vulnerability identifier: #VU92391
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-27161
CWE-ID: CWE-798
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
e-STUDIO 2021AC FC-2021AC
e-STUDIO 2521AC FC-2521AC
e-STUDIO 2020AC FC-2020AC
e-STUDIO 2520AC FC-2520AC
e-STUDIO 2025NC FC-2025AC
e-STUDIO 2525AC FC-2525AC
e-STUDIO 3025AC FC-3025AC
e-STUDIO 3525AC FC-3525AC
e-STUDIO 3525ACG FC-3525ACG
e-STUDIO 4525AC FC-4525AC
e-STUDIO 4525ACG FC-4525ACG
e-STUDIO 5525AC FC-5525AC
e-STUDIO 5525ACG FC-5525ACG
e-STUDIO 6525AC FC-6525AC
e-STUDIO 6525ACG FC-6525ACG
e-STUDIO 2528A DP-2528A
e-STUDIO 3028A DP-3028A
e-STUDIO 3528A DP-3528A
e-STUDIO 3528AG DP-3528AG
e-STUDIO 4528A DP-4528A
e-STUDIO 4528AG DP-4528AG
e-STUDIO 5528A DP-5528A
e-STUDIO 6528A DP-6528A
e-STUDIO 6526AC FC-6526AC
e-STUDIO 6527AC FC-6527AC
e-STUDIO 7527AC FC-7527AC
e-STUDIO 6529A DP-6529A
e-STUDIO 7529A DP-7529A
e-STUDIO 9029A DP-9029A
e-STUDIO 330AC FC-330AC
e-STUDIO 400AC FC-400AC
e-STUDIO 2010AC FC-2010AC
e-STUDIO 2110AC FC-2110AC
e-STUDIO 2510AC FC-2510AC
e-STUDIO 2610AC FC-2610AC
e-STUDIO 2015NC FC-2015AC
e-STUDIO 2515AC FC-2515AC
e-STUDIO 2615AC FC-2615AC
e-STUDIO 3015AC FC-3015AC
e-STUDIO 3115AC FC-3115AC
e-STUDIO 3515AC FC-3515AC
e-STUDIO 3615AC FC-3615AC
e-STUDIO 4515AC FC-4515AC
e-STUDIO 4615AC FC-4615AC
e-STUDIO 5015AC FC-5015AC
e-STUDIO 5115AC FC-5115AC
e-STUDIO 2018A DP-2018A
e-STUDIO 2518A DP-2518A
e-STUDIO 2618A DP-2618A
e-STUDIO 3018A DP-3018A
e-STUDIO 3118A DP-3118A
e-STUDIO 3018AG DP-3018AG
e-STUDIO 3518A DP-3518A
e-STUDIO 3518AG DP-3518AG
e-STUDIO 3618A DP-3618A
e-STUDIO 3618AG DP-3618AG
e-STUDIO 4518A DP-4518A
e-STUDIO 4518AG DP-4518AG
e-STUDIO 4618A DP-4618A
e-STUDIO 4618AG DP-4618AG
e-STUDIO 5018A DP-5018A
e-STUDIO 5118A DP-5118A
e-STUDIO 5516AC FC-5516AC
e-STUDIO 5616AC FC-5616AC
e-STUDIO 6516AC FC-6516AC
e-STUDIO 6616AC FC-6616AC
e-STUDIO 7516AC FC-7516AC
e-STUDIO 7616AC FC-7616AC
e-STUDIO 5518A DP-5518A
e-STUDIO 5618A DP-5618A
e-STUDIO 6518A DP-6518A
e-STUDIO 6618A DP-6618A
e-STUDIO 7518A DP-7518A
e-STUDIO 7618A DP-7618A
e-STUDIO 8518A DP-8518A
e-STUDIO 8618A DP-8618A
e-STUDIO 2000AC FC-2000AC
e-STUDIO 2500AC FC-2500AC
e-STUDIO 2005NC FC-2005AC
e-STUDIO 2505AC FC-2005AC
e-STUDIO 3005AC FC-2005AC
e-STUDIO 3505AC FC-2005AC
e-STUDIO 4505AC FC-2005AC
e-STUDIO 5005AC FC-2005AC
e-STUDIO 2008A DP-2008A
e-STUDIO 2508A DP-2508A
e-STUDIO 3008A DP-3008A
e-STUDIO 3008AG DP-3008AG
e-STUDIO 3508A DP-3508A
e-STUDIO 3508AG DP-3508AG
e-STUDIO 4508A DP-4508A
e-STUDIO 4508AG DP-4508AG
e-STUDIO 5008A DP-5008A
e-STUDIO 5506AC FC-5506AC
e-STUDIO 6506AC FC-6506AC
e-STUDIO 7506AC FC-7506AC
e-STUDIO 5508A DP-5508A
e-STUDIO 6508A DP-6508A
e-STUDIO 7508A DP-7508A
e-STUDIO 8508A DP-8508A
e-STUDIO 3508LP DP-3535
e-STUDIO 4508LP DP-4535
e-STUDIO 5008LP DP-5035
e-STUDIO 2021AC FC-2021AC
e-STUDIO 2521AC FC-2521AC
e-STUDIO 2020AC FC-2020AC
e-STUDIO 2520AC FC-2520AC
e-STUDIO 2025NC FC-2025AC
e-STUDIO 2525AC FC-2525AC
e-STUDIO 3025AC FC-3025AC
e-STUDIO 3525AC FC-3525AC
e-STUDIO 3525ACG FC-3525ACG
e-STUDIO 4525AC FC-4525AC
e-STUDIO 4525ACG FC-4525ACG
e-STUDIO 5525AC FC-5525AC
e-STUDIO 5525ACG FC-5525ACG
e-STUDIO 6525AC FC-6525AC
e-STUDIO 6525ACG FC-6525ACG
e-STUDIO 2528A DP-2528A
e-STUDIO 3028A DP-3028A
e-STUDIO 3528A DP-3528A
e-STUDIO 3528AG DP-3528AG
e-STUDIO 4528A DP-4528A
e-STUDIO 4528AG DP-4528AG
e-STUDIO 5528A DP-5528A
e-STUDIO 6528A DP-6528A
e-STUDIO 6526AC FC-6526AC
e-STUDIO 6527AC FC-6527AC
e-STUDIO 7527AC FC-7527AC
e-STUDIO 6529A DP-6529A
e-STUDIO 7529A DP-7529A
e-STUDIO 9029A DP-9029A
e-STUDIO 330AC FC-330AC
e-STUDIO 400AC FC-400AC
e-STUDIO 2010AC FC-2010AC
e-STUDIO 2110AC FC-2110AC
e-STUDIO 2510AC FC-2510AC
e-STUDIO 2610AC FC-2610AC
e-STUDIO 2015NC FC-2015AC
e-STUDIO 2515AC FC-2515AC
e-STUDIO 2615AC FC-2615AC
e-STUDIO 3015AC FC-3015AC
e-STUDIO 3115AC FC-3115AC
e-STUDIO 3515AC FC-3515AC
e-STUDIO 3615AC FC-3615AC
e-STUDIO 4515AC FC-4515AC
e-STUDIO 4615AC FC-4615AC
e-STUDIO 5015AC FC-5015AC
e-STUDIO 5115AC FC-5115AC
e-STUDIO 2018A DP-2018A
e-STUDIO 2518A DP-2518A
e-STUDIO 2618A DP-2618A
e-STUDIO 3018A DP-3018A
e-STUDIO 3118A DP-3118A
e-STUDIO 3018AG DP-3018AG
e-STUDIO 3518A DP-3518A
e-STUDIO 3518AG DP-3518AG
e-STUDIO 3618A DP-3618A
e-STUDIO 3618AG DP-3618AG
e-STUDIO 4518A DP-4518A
e-STUDIO 4518AG DP-4518AG
e-STUDIO 4618A DP-4618A
e-STUDIO 4618AG DP-4618AG
e-STUDIO 5018A DP-5018A
e-STUDIO 5118A DP-5118A
e-STUDIO 5516AC FC-5516AC
e-STUDIO 5616AC FC-5616AC
e-STUDIO 6516AC FC-6516AC
e-STUDIO 6616AC FC-6616AC
e-STUDIO 7516AC FC-7516AC
e-STUDIO 7616AC FC-7616AC
e-STUDIO 5518A DP-5518A
e-STUDIO 5618A DP-5618A
e-STUDIO 6518A DP-6518A
e-STUDIO 6618A DP-6618A
e-STUDIO 7518A DP-7518A
e-STUDIO 7618A DP-7618A
e-STUDIO 8518A DP-8518A
e-STUDIO 8618A DP-8618A
e-STUDIO 2000AC FC-2000AC
e-STUDIO 2500AC FC-2500AC
e-STUDIO 2005NC FC-2005AC
e-STUDIO 2505AC FC-2005AC
e-STUDIO 3005AC FC-2005AC
e-STUDIO 3505AC FC-2005AC
e-STUDIO 4505AC FC-2005AC
e-STUDIO 5005AC FC-2005AC
e-STUDIO 2008A DP-2008A
e-STUDIO 2508A DP-2508A
e-STUDIO 3008A DP-3008A
e-STUDIO 3008AG DP-3008AG
e-STUDIO 3508A DP-3508A
e-STUDIO 3508AG DP-3508AG
e-STUDIO 4508A DP-4508A
e-STUDIO 4508AG DP-4508AG
e-STUDIO 5008A DP-5008A
e-STUDIO 5506AC FC-5506AC
e-STUDIO 6506AC FC-6506AC
e-STUDIO 7506AC FC-7506AC
e-STUDIO 5508A DP-5508A
e-STUDIO 6508A DP-6508A
e-STUDIO 7508A DP-7508A
e-STUDIO 8508A DP-8508A
e-STUDIO 3508LP DP-3535
e-STUDIO 4508LP DP-4535
e-STUDIO 5008LP DP-5035
Software vendor:
Toshiba
Toshiba
Description
The vulnerability allows a local attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in application code. A local attacker can decrypt the encrypted files using the hardcoded key.
Remediation
Install updates from vendor's website.