Check Point Advisories

Toshiba Multi-Function Printers Command Injection (CVE-2024-27172)

Check Point Reference: CPAI-2024-0587
Date Published: 24 Jul 2024
Severity: Critical
Last Updated: Wednesday 24 July, 2024
Source:
Industry Reference:CVE-2024-27172
Protection Provided by:

Security Gateway
R81, R80, R77, R75
Who is Vulnerable? Toshiba e-STUDIO 2021AC printer
Toshiba e-STUDIO 2521AC printer
Toshiba e-STUDIO 2020AC printer
Toshiba e-STUDIO 2520AC printer
Toshiba e-STUDIO 2025NC printer
Toshiba e-STUDIO 2525AC printer
Toshiba e-STUDIO 3025AC printer
Toshiba e-STUDIO 3525AC printer
Toshiba e-STUDIO 3525ACG printer
Toshiba e-STUDIO 4525AC printer
Toshiba e-STUDIO 4525ACG printer
Toshiba e-STUDIO 5525AC printer
Toshiba e-STUDIO 5525ACG printer
Toshiba e-STUDIO 6525AC printer
Toshiba e-STUDIO 6525ACG printer
Toshiba e-STUDIO 2528A printer
Toshiba e-STUDIO 3028A printer
Toshiba e-STUDIO 3528A printer
Toshiba e-STUDIO 3528AG printer
Toshiba e-STUDIO 4528A printer
Toshiba e-STUDIO 4528AG printer
Toshiba e-STUDIO 5528A printer
Toshiba e-STUDIO 6528A printer
Toshiba e-STUDIO 6526AC printer
Toshiba e-STUDIO 6527AC printer
Toshiba e-STUDIO 7527AC printer
Toshiba e-STUDIO 6529A printer
Toshiba e-STUDIO 7529A printer
Toshiba e-STUDIO 9029A printer
Toshiba e-STUDIO 330AC printer
Toshiba e-STUDIO 400AC printer
Toshiba e-STUDIO 2010AC printer
Toshiba e-STUDIO 2110AC printer
Toshiba e-STUDIO 2510AC printer
Toshiba e-STUDIO 2610AC printer
Toshiba e-STUDIO 2015NC printer
Toshiba e-STUDIO 2515AC printer
Toshiba e-STUDIO 2615AC printer
Toshiba e-STUDIO 3015AC printer
Toshiba e-STUDIO 3115AC printer
Toshiba e-STUDIO 3515AC printer
Toshiba e-STUDIO 3615AC printer
Toshiba e-STUDIO 4515AC printer
Toshiba e-STUDIO 4615AC printer
Toshiba e-STUDIO 5015AC printer
Toshiba e-STUDIO 5115AC printer
Toshiba e-STUDIO 2018A printer
Toshiba e-STUDIO 2518A printer
Toshiba e-STUDIO 2618A printer
Toshiba e-STUDIO 3018A printer
Toshiba e-STUDIO 3118A printer
Toshiba e-STUDIO 3018AG printer
Toshiba e-STUDIO 3518A printer
Toshiba e-STUDIO 3518AG printer
Toshiba e-STUDIO 3618A printer
Toshiba e-STUDIO 3618AG printer
Toshiba e-STUDIO 4518A printer
Toshiba e-STUDIO 4518AG printer
Toshiba e-STUDIO 4618A printer
Toshiba e-STUDIO 4618AG printer
Toshiba e-STUDIO 5018A printer
Toshiba e-STUDIO 5118A printer
Toshiba e-STUDIO 5516AC printer
Toshiba e-STUDIO 5616AC printer
Toshiba e-STUDIO 6516AC printer
Toshiba e-STUDIO 6616AC printer
Toshiba e-STUDIO 7516AC printer
Toshiba e-STUDIO 7616AC printer
Toshiba e-STUDIO 5518A printer
Toshiba e-STUDIO 5618A printer
Toshiba e-STUDIO 6518A printer
Toshiba e-STUDIO 6618A printer
Toshiba e-STUDIO 7518A printer
Toshiba e-STUDIO 7618A printer
Toshiba e-STUDIO 8518A printer
Toshiba e-STUDIO 8618A printer
Toshiba e-STUDIO 2000AC printer
Toshiba e-STUDIO 2500AC printer
Toshiba e-STUDIO 2005NC printer
Toshiba e-STUDIO 2505AC printer
Toshiba e-STUDIO 3005AC printer
Toshiba e-STUDIO 3505AC printer
Toshiba e-STUDIO 4505AC printer
Toshiba e-STUDIO 5005AC printer
Toshiba e-STUDIO 2008A printer
Toshiba e-STUDIO 2508A printer
Toshiba e-STUDIO 3008A printer
Toshiba e-STUDIO 3008AG printer
Toshiba e-STUDIO 3508A printer
Toshiba e-STUDIO 3508AG printer
Toshiba e-STUDIO 4508A printer
Toshiba e-STUDIO 4508AG printer
Toshiba e-STUDIO 5008A printer
Toshiba e-STUDIO 5506AC printer
Toshiba e-STUDIO 6506AC printer
Toshiba e-STUDIO 7506AC printer
Toshiba e-STUDIO 5508A printer
Toshiba e-STUDIO 6508A printer
Toshiba e-STUDIO 7508A printer
Toshiba e-STUDIO 8508A printer
Toshiba e-STUDIO 3508LP printer
Toshiba e-STUDIO 4508LP printer
Toshiba e-STUDIO 5008LP printer
Vulnerability Description A command injection vulnerability exists in Toshiba Multi-Function printers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

  1. In the IPS tab, click Protections and find the Toshiba Multi-Function Printers Command Injection (CVE-2024-27172) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Application Servers Protection Violation.
Attack Information:  Toshiba Multi-Function Printers Command Injection (CVE-2024-27172)

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK