How severe is CVE-2024-27143?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-27143?

This is classified as CWE-250, which is a common weakness in software security.

CVE-2024-27143 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https://www.toshibatec.com/contacts/products/ As for the affected products/models/versions, see the reference URL.

Related Vulnerabilities

CVE-2021-41035

CRITICAL

CVSS:9.8(Critical)

In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods.

CWE-2502021

CVE-2022-1517

CRITICAL

CVSS:9.8(Critical)

LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations,...

CWE-2502022

CVE-2022-2634

CRITICAL

CVSS:9.8(Critical)

An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which...

CWE-2502022

CVE-2022-32535

CRITICAL

CVSS:9.8(Critical)

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.

CWE-2502022

CVE-2022-44544

CRITICAL

CVSS:9.8(Critical)

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag...

CWE-2502022

CVE-2023-1966

CRITICAL

CVSS:9.8(Critical)

Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges vulnerability. An unauthenticated malicious actor could upload and execute code remotely at the operati...

CWE-2502023