Search
Find a vulnerability
Search criteria
2 vulnerabilities found for 3r-tmc01_firmware by 3rrr-btob
CVE-2024-22028 (GCVE-0-2024-22028)
Vulnerability from nvd – Published: 2024-01-15 06:53 – Updated: 2025-06-03 14:01
VLAI
Summary
Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data.
Severity
4.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Insufficient verification of data authenticity
- CWE-noinfo Not enough information
Assigner
References
2 references
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC01 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC02 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC03 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC04 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC05 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC06 |
Affected:
all firmware versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://3rrr-btob.jp/archives/news/23624"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN96240417/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T17:36:05.680907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:01:12.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "3R-TMC01",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC02",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC03",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC04",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC05",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC06",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient verification of data authenticity",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-15T06:53:27.089Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://3rrr-btob.jp/archives/news/23624"
},
{
"url": "https://jvn.jp/en/jp/JVN96240417/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-22028",
"datePublished": "2024-01-15T06:53:27.089Z",
"dateReserved": "2024-01-04T02:17:28.653Z",
"dateUpdated": "2025-06-03T14:01:12.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22028 (GCVE-0-2024-22028)
Vulnerability from cvelistv5 – Published: 2024-01-15 06:53 – Updated: 2025-06-03 14:01
VLAI
Summary
Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data.
Severity
4.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Insufficient verification of data authenticity
- CWE-noinfo Not enough information
Assigner
References
2 references
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC01 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC02 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC03 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC04 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC05 |
Affected:
all firmware versions
|
|
| THREE R SOLUTION CORP. JAPAN | 3R-TMC06 |
Affected:
all firmware versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://3rrr-btob.jp/archives/news/23624"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN96240417/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T17:36:05.680907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:01:12.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "3R-TMC01",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC02",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC03",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC04",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC05",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"product": "3R-TMC06",
"vendor": "THREE R SOLUTION CORP. JAPAN",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient verification of data authenticity",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-15T06:53:27.089Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://3rrr-btob.jp/archives/news/23624"
},
{
"url": "https://jvn.jp/en/jp/JVN96240417/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-22028",
"datePublished": "2024-01-15T06:53:27.089Z",
"dateReserved": "2024-01-04T02:17:28.653Z",
"dateUpdated": "2025-06-03T14:01:12.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}