CVE-2024-32151

5.9 MEDIUM

📋 TL;DR

This vulnerability in Sharp and Toshiba multifunction printers allows decrypted user passwords to be stored in memory before login and potentially retrieved from coredump files. Attackers with physical or network access could extract passwords, compromising user credentials. Organizations using affected Sharp and Toshiba MFP models are impacted.

💻 Affected Systems

Products:
  • Sharp multifunction printers
  • Toshiba multifunction printers
Versions: Specific models and firmware versions listed in vendor advisories
Operating Systems: Embedded printer OS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects specific Sharp and Toshiba MFP models with vulnerable firmware. Check vendor advisories for exact model numbers.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers extract administrative passwords, gain full device control, access network resources, and compromise user accounts across systems using the same credentials.

🟠 Likely Case

Local attackers or malicious insiders extract user passwords from memory dumps, leading to unauthorized access to the MFP and potentially other systems if password reuse exists.

🟢 If Mitigated

With proper network segmentation and access controls, attackers cannot reach vulnerable systems, limiting impact to isolated printer compromise.

🌐 Internet-Facing: MEDIUM - While MFPs shouldn't be internet-facing, misconfigurations could expose them, allowing remote attackers who gain access to exploit the vulnerability.
🏢 Internal Only: HIGH - Internal attackers, compromised devices on same network, or malicious insiders can exploit this vulnerability to extract credentials.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to memory/coredump files, which typically needs some level of system access. The vulnerability details and exploitation methods are publicly documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor-specific firmware updates

Vendor Advisory: https://global.sharp/products/copier/info/info_security_2024-05.html, https://www.toshibatec.co.jp/information/20240531_02.html

Restart Required: Yes

Instructions:

  1. Identify affected Sharp/Toshiba MFP models.
  2. Check vendor websites for firmware updates.
  3. Download and apply firmware patches.
  4. Restart devices to complete installation.
  5. Verify firmware version post-update.

🔧 Temporary Workarounds

Disable coredump generation

all

Prevent creation of memory dump files that could contain decrypted passwords

Vendor-specific - check device administration interface for coredump settings

Restrict physical and network access

all

Limit who can access MFPs physically and over the network

Network: firewall rules to restrict MFP access
Physical: secure printer locations with access controls

🧯 If You Can't Patch

  • Segment MFPs on isolated network VLANs with strict access controls
  • Implement strong password policies and avoid password reuse between MFP and other systems

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against vendor advisories. For Sharp: visit security advisory page. For Toshiba: check model and firmware version.

Check Version:

Check via device web interface: Settings > Device Information > Firmware Version, or vendor-specific administration tools.

Verify Fix Applied:

Verify firmware version has been updated to patched version specified in vendor advisories.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to MFP administration interfaces
  • Unusual memory dump or coredump file creation

Network Indicators:

  • Unexpected connections to MFPs from unauthorized IPs
  • Traffic patterns suggesting memory dump extraction

SIEM Query:

(DeviceType="Printer" OR DeviceType="MFP") AND (EventCode="AccessDenied" OR FileCreation="*.core" OR FileCreation="*.dmp")
