ByteOS Network

NVD Vulnerability Details :

CVE-2024-35244

Deferred

Source-vultures@jpcert.or.jp

Published At-26 Nov, 2024 | 08:15

Updated At-15 Apr, 2026 | 00:35

There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords (e.g., by examining the coredump), these accounts can be used to re-configure the device. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	9.1	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Secondary	3.1	9.1	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Type: Secondary

Version: 3.1

Base score: 9.1

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Type: Secondary

Version: 3.1

Base score: 9.1

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Weaknesses

CWE ID	Type	Source
CWE-798	Secondary	vultures@jpcert.or.jp

CWE ID: CWE-798

Type: Secondary

Source: vultures@jpcert.or.jp

References

Hyperlink	Source	Resource
https://global.sharp/products/copier/info/info_security_2024-05.html	vultures@jpcert.or.jp	N/A
https://jp.sharp/business/print/information/info_security_2024-05.html	vultures@jpcert.or.jp	N/A
https://jvn.jp/en/vu/JVNVU93051062/	vultures@jpcert.or.jp	N/A
https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html	vultures@jpcert.or.jp	N/A
https://www.toshibatec.co.jp/information/20240531_02.html	vultures@jpcert.or.jp	N/A
https://www.toshibatec.com/information/20240531_02.html	vultures@jpcert.or.jp	N/A
http://seclists.org/fulldisclosure/2024/Jul/0	af854a3a-2127-422b-91ae-364da2661108	N/A