Sharp and Toshiba Tec MFPs Exposed: Multiple Vulnerabilities Put Businesses at Risk

CVE-2024-47406

A new report reveals a concerning number of security vulnerabilities affecting Sharp and Toshiba Tec multifunction printers (MFPs). These flaws could allow attackers to crash devices, steal sensitive information, bypass authentication, and even execute malicious code.

A Range of Exploitable Flaws

The vulnerabilities, discovered by researchers and documented in multiple CVEs (Common Vulnerabilities and Exposures), include:

  • Out-of-bounds Read (CVE-2024-42420, CVE-2024-43424, CVE-2024-45829): These flaws stem from improper processing of various types of input, such as keyword searches, SOAP messages, and HTTP request headers. Attackers could exploit these to crash the MFP.
  • Path Traversal (CVE-2024-45842): By manipulating URI data in HTTP PUT requests, attackers could gain unauthorized access to internal files on the device.
  • Improper Access Restriction (CVE-2024-47005): Configuration-related APIs lack sufficient protection, potentially allowing non-administrative users to make unauthorized changes.
  • Authentication Bypass (CVE-2024-47406, CVSS 9.1): Weaknesses in HTTP authentication processing could enable attackers to bypass security measures and gain access.
  • Improper Processing of Query Parameters (CVE-2024-47549): This vulnerability could allow attackers to inject malicious scripts into HTTP response headers.
  • Cross-site Scripting (CVE-2024-47801, CVE-2024-48870): Both reflected and stored XSS vulnerabilities were identified, potentially enabling attackers to execute malicious scripts on users’ web browsers.

Impact and Mitigation

These vulnerabilities pose a significant risk to organizations that rely on Sharp and Toshiba Tec MFPs. Attackers could exploit these flaws to disrupt operations, steal confidential data, or gain a foothold in the network for further malicious activities.

Urgent Action Needed:

Sharp and Toshiba Tec have released firmware updates to address these vulnerabilities. Users are strongly urged to update their devices immediately.

Additional Protective Measures:

In addition to applying firmware updates, organizations can take the following steps to mitigate the risks:

  • Network Segmentation: Isolate MFPs on a separate network segment to limit the potential impact of a compromise.
  • Firewall Protection: Utilize firewalls to block unauthorized access to the devices.
  • Strong Passwords: Set strong administrative passwords and change them regularly.

Related Posts: