Vulnerability Description
API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- https://global.sharp/products/copier/info/info_security_2024-05.html
- https://jp.sharp/business/print/information/info_security_2024-05.html
- https://jvn.jp/en/vu/JVNVU93051062/
- https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html
- https://www.toshibatec.co.jp/information/20240531_02.html
- https://www.toshibatec.com/information/20240531_02.html
- http://seclists.org/fulldisclosure/2024/Jul/0
FAQ
What is CVE-2024-36248?
CVE-2024-36248 is a vulnerability with a CVSS score of 9.1 (CRITICAL). API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vend...
How severe is CVE-2024-36248?
CVE-2024-36248 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-36248?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.