多款Toshiba内存卡安装程序安全漏洞

Toshiba SDHC和SDXC都是日本东芝（Toshiba）公司的存储卡产品。Toshiba SDHC/SDXC Memory Card with embedded NFC functionality是一款具有NFC功能的存储卡。Toshiba SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool是其中的一个软件更新工具；SDHC Memory Card with embedded wireless LAN functionality是一款具有无线局域网功能的存储卡，SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool是其中一个的软件更新工具；SDHC Memory Card with embedded TransferJet functionality是一款具有TransferJet功能的存储卡，SDHC Memory Card with embedded TransferJet functionality Configuration Software是其中的一个配置工具软件。

多款Toshiba内存卡安装程序中存在不可信搜索路径漏洞。远程攻击者可利用该漏洞获取权限。以下版本和产品受到影响：Toshiba SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03及之前的版本；SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Configuration Software V3.0.2及之前的版本；SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WE series＆lt;W-03＆gt;) V3.00.01版本；SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WD/WC series＆lt;W-02＆gt;) V2.00.03及之前的版本；SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WB/WL series) V1.00.04及之前的版本；SDHC Memory Card with embedded TransferJetTM functionality Configuration Software V1.02及之前的版本；SDHC Memory Card with embedded TransferJetTM functionality Software Update tool V1.00.06及之前的版本。