Brother and Toshiba Tec Privilege Escalation Vulnerability in Windows Driver Installers
Vulnerability
A privilege escalation vulnerability has been identified in multiple Brother driver installers for Windows, as well as in the Windows application of some Toshiba Tec digital multi-function peripherals. This vulnerability allows an arbitrary program to be executed with administrative privileges. The issue arises when the software is installed or requires administrative rights, potentially leading to the replacement of files with malicious programs that could exploit this privilege.
Impact
Exploitation of this vulnerability could result in unauthorized execution of programs with administrative rights, potentially allowing for further system manipulation or compromise.
Remediation
Users are advised to re-run the installer with the latest version available. For Toshiba Tec products, contact a service company to update the main unit software. If the update is not yet available, use the printer in a firewall-protected network and employ security software to block the execution of malicious programs.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.