Part Number Search

Cross Reference Search

About information presented in this cross reference

The information presented in this cross reference is based on TOSHIBA's selection criteria and should be treated as a suggestion only. Please carefully review the latest versions of all relevant information on the TOSHIBA products, including without limitation data sheets and validate all operating parameters of the TOSHIBA products to ensure that the suggested TOSHIBA products are truly compatible with your design and application.
Please note that this cross reference is based on TOSHIBA's estimate of compatibility with other manufacturers' products, based on other manufacturers' published data, at the time the data was collected.
TOSHIBA is not responsible for any incorrect or incomplete information. Information is subject to change at any time without notice.

Keyword Search

Parametric Search

Stock Check & Purchase

Select Product Categories

Select Application

Find everything you need for your next product design. Simply select an application and click through to the block diagram to discover our semiconductor solutions.

New Products / News

Innovation Centre

At the Toshiba Innovation Centre we constantly strive to inspire you with our technologies and solutions. Discover how to place us at the heart of your innovations.

TDSCSA00038: Installers of development tool software products for Toshiba original core-based microcontrollers have a security vulnerability

April 2, 2021
Toshiba Electronic Devices & Storage Corporation

Outline

Toshiba Electronic Devices & Storage Corporation ("Toshiba") wishes to inform the users that a security vulnerability has been found in the installers of the development tool software products for Toshiba original core-based microcontrollers. If your Windows PC contains unauthorized DLL maliciously implanted by an attacker and you execute the affected installers of the software, the affected installers may cause insecure operation of your Windows PC.
Affected software (“Products”) of the development tool software products for Toshiba original core-based microcontrollers and their versions are shown in "List of Products". If you use the Products, please refer to “Contact and way to get the updated products” in order to get updates from our department in charge. The EOL announced products listed below also have a security vulnerability but no updated files, so please avoid use of these products.

List of Products
Contact and way to get the updated products
EOL announced products

How to confirm software

Affected software

All software of microcontroller development tool software for Toshiba original core-based microcontrollers released before August 2019. 

List of affected Products

How to confirm affected software

  • Toshiba Integrated Development Environment, or Flash programmer
    Select “Help” – “Version” in the main menu, and the model name or product name and the version number are displayed.
  • Debugger
    Select “Help” – “About TMPRO Debugger” in the main menu, and the version number is displayed.
  • Compiler (C compiler, C compiler & assembler set, etc.)
    “Name” and “Version” can be confirmed by “Control Panel” – “Programs and Features”. 

Vulnerability description

The affected installers of the Products contain an issue with their DLL (Dynamic Link Libraries) path, which may unintentionally load DLL if executed.

Impact

If your Windows PC contains unauthorized DLL maliciously implanted by an attacker and you execute the affected installers of the Products, the affected installers may cause unintentionally operations on your Windows PC.

Solution

Please use the updated products.
The updated products should be used on Windows 10.

Updated Products

Product name

File name

Version

Toshiba IDE (Integrated Development Environment)

sw00mn0-zccv230.exe

V2.30 or later

TLCS-870/X Series debugger

sw88dn9-zcfuv250.exe

V2.50 or later

TLCS-870 Series debugger

 

sw87dn9-zcfuv250.exe

V2.50 or later

TX19A,A/H1 Series C compiler

sw00mn0-zccv220.exe

(Included in Toshiba IDE)

V2.33 or later

TLCS-900 Family C compiler

sw00mn0-zccv220.exe

(Included in Toshiba IDE)

V2.10 or later

TLCS-870/C,TLCS-870/C1 Series C compiler

sw00mn0-zccv220.exe

(Included in Toshiba IDE)

V2.10 or later

TLCS-870/X Series C compiler & assembler set

sw88cn0-z0fv230.exe

V2.30 or later

TLCS-870 Series C/C-Like compiler & assembler set

sw87cn0-z0fv220.exe

V2.20 or later

FLASH programmer

sw00fn0-zccv400.exe

V4.00 or later

References

Information about the vulnerability is as follows.

Update history

April 2, 2021 First release of the information about the vulnerability

Contact and way to get the updated products

Please contact us under "Contact us", enter the necessary information and get the updated products from our department in charge. 
Please fill in the required form "*" and enter "Update microcontroller development tool software" and your "Updated Products" in " Inquiry Details ".

A new window will open