Multiple Toshiba memory card installers DLL Loading Remote Code Execution Vulnerability



Multiple Toshiba memory card installers are prone to a remote code-execution vulnerability.

A remote attacker can leverage this issue to execute arbitrary code in the context of the affected application.

The following products are vulnerable:

SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool 1.00.03 and prior versions.
SDHC Memory Card with embedded wireless LAN functionality FlashAir™ Configuration Software 3.0.2 and prior versions.
SDHC Memory Card with embedded wireless LAN functionality FlashAir™ Software Update tool (SD-WE series) 3.00.01.
SDHC Memory Card with embedded wireless LAN functionality FlashAir™ Software Update tool (SD-WD/WC series) 2.00.03 and prior versions.
SDHC Memory Card with embedded wireless LAN functionality FlashAir™ Software Update tool (SD-WB/WL series) 1.00.04 and prior versions.
SDHC Memory Card with embedded TransferJet™ functionality Configuration Software 1.02 and prior versions.
SDHC Memory Card with embedded TransferJet™ functionality Software Update tool 1.00.06 and prior versions.

Information

Bugtraq ID: 97697
Class: Design Error
CVE: CVE-2017-2149

Remote: Yes
Local: No
Published: Apr 14 2017 12:00AM
Updated: Apr 14 2017 12:00AM
Credit: Yuji Tounai of NTT Communications Corporation.
Vulnerable: Toshiba SDXC Memory Card with embedded NFC functionality Software Update 1.0.3
Toshiba SDXC Memory Card with embedded NFC functionality Software Update 0
Toshiba SDHC Memory Card FlashAir™ Software Update tool 3.0.1
Toshiba SDHC Memory Card FlashAir™ Software Update tool 0
Toshiba SDHC Memory Card FlashAir™ Configuration Software 3.0.2
Toshiba SDHC Memory Card FlashAir™ Configuration Software 0
Toshiba SDHC Memory Card 1.0.3
Toshiba SDHC Memory Card 0


Not Vulnerable:

Exploit


Attackers must trick a user into opening a file on a remote WebDAV or SMB share to exploit this issue.

A general exploit technique has been documented by TheLeader and H.D. Moore for the Metasploit Project; please see the references for more information.

