Refine your search

1 vulnerability found for 3R-TMC04 by THREE R SOLUTION CORP. JAPAN

CVE-2024-22028 (GCVE-0-2024-22028)
Vulnerability from cvelistv5
Published
2024-01-15 06:53
Modified
2025-06-03 14:01
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE
  • Insufficient verification of data authenticity
Summary
Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data.
References
Impacted products
Vendor Product Version
THREE R SOLUTION CORP. JAPAN 3R-TMC01 Version: all firmware versions
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.809Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://3rrr-btob.jp/archives/news/23624"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN96240417/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "NONE",
              "baseScore": 4.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-22028",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T17:36:05.680907Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T14:01:12.809Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "3R-TMC01",
          "vendor": "THREE R SOLUTION CORP. JAPAN",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "product": "3R-TMC02",
          "vendor": "THREE R SOLUTION CORP. JAPAN",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "product": "3R-TMC03",
          "vendor": "THREE R SOLUTION CORP. JAPAN",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "product": "3R-TMC04",
          "vendor": "THREE R SOLUTION CORP. JAPAN",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "product": "3R-TMC05",
          "vendor": "THREE R SOLUTION CORP. JAPAN",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "product": "3R-TMC06",
          "vendor": "THREE R SOLUTION CORP. JAPAN",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Insufficient verification of data authenticity",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-15T06:53:27.089Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://3rrr-btob.jp/archives/news/23624"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN96240417/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2024-22028",
    "datePublished": "2024-01-15T06:53:27.089Z",
    "dateReserved": "2024-01-04T02:17:28.653Z",
    "dateUpdated": "2025-06-03T14:01:12.809Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}