Vulnerability Note VU#632140
Multiple Toshiba products are vulnerable to trusted service path privilege escalation
Bluetooth Stack for Windows by Toshiba and TOSHIBA Service Station contain a trusted service path privilege escalation vulnerability.
CWE-428: Unquoted Search Path or Element
Bluetooth Stack for Windows by Toshiba versions 9.10.27(T) and earlier, as well as TOSHIBA Service Station versions 2.2.13 and earlier, contain a trusted service path privilege escalation vulnerability.
A local authenticated attacker may be able to escalate privileges to SYSTEM.
Apply an Update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Toshiba Corporation||Affected||-||26 Feb 2015|
CVSS Metrics (Learn More)
Thanks to Giovanni Delvecchio for reporting this vulnerability.
This document was written by Todd Lewellen.
- CVE IDs: CVE-2015-0884
- Date Public: 26 Feb 2015
- Date First Published: 27 Feb 2015
- Date Last Updated: 05 Mar 2015
- Document Revision: 11
If you have feedback, comments, or additional information about this vulnerability, please send us email.