Malicious code attacks on Toshiba and Sharp multifunction printers possible
Attackers can target hundreds of multifunction printers from Toshiba and Sharp. Security updates are available.
(Image: AFANASEV IVAN/Shutterstock.com)
Anyone who owns a multifunction printer from Toshiba or Sharp should update the firmware to the latest version for security reasons. Otherwise, in the worst-case scenario, attackers could completely compromise devices. It is not yet known whether there are already attacks.
Root attacks
A security researcher claims to have discovered 40 vulnerabilities in 103 Mufu models from Toshiba and 17 vulnerabilities in 308 models from Sharp. These include "critical" vulnerabilities (CVE-2024-27144), which allow a remote attacker to replace programs running on a printer with versions infected with malicious code. Devices are then completely compromised. Detailed information on the vulnerabilities can be found in the articles written by the security researcher.
Root access via a hardcoded password (CVE-2024-27158 "high") is also conceivable. The hash of the password was already discovered in firmwares from 2017. Attackers can also overwrite files remotely and then execute their own code (CVE-2024-27176 "high ").
Toshiba already announced information on the vulnerabilities and affected models in mid-June 2024. The security researcher only recently published his information.
Backdoors & Co.
Attackers can access hundreds of Sharp models via a backdoor (CVE-2024-35244 "high"). Malicious code can also get onto devices here (CVE-2024-28038). At this point, attackers can trigger a memory error in order to sneak onto printers.
In addition to the affected models, Sharp also lists the vulnerable firmware versions ina warning message.
(des)
