PT-2017-15222 · Toshiba · Flashair Sdhc Memory Card

Takayoshi Isayama

Published

2017-05-22

Updated

2019-10-03

CVE-2017-2161

CVSS v3.1

3.5

Low

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions FlashAirTM SDHC Memory Card (SD-WE Series ) versions V3.00.02 and earlier FlashAirTM SDHC Memory Card (SD-WD/WC Series ) versions V2.00.04 and earlier

Description The issue allows authenticated attackers to bypass access restrictions and obtain unauthorized image data. The exact vectors used for the bypass are not specified.

Recommendations For FlashAirTM SDHC Memory Card (SD-WE Series ) versions V3.00.02 and earlier, update to a version later than V3.00.02 to resolve the issue. For FlashAirTM SDHC Memory Card (SD-WD/WC Series ) versions V2.00.04 and earlier, update to a version later than V2.00.04 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-425

Related Identifiers

CVE-2017-2161

Affected Products

Flashair Sdhc Memory Card

PT-2017-15222 · Toshiba · Flashair Sdhc Memory Card

CVE-2017-2161

Weakness Enumeration

Related Identifiers

Affected Products

References · 5