April 2, 2021
Toshiba Electronic Devices & Storage Corporation
Toshiba Electronic Devices & Storage Corporation ("Toshiba") wishes to inform users of a security vulnerability identified in the installers of the development tool software products for Toshiba original core-based microcontrollers. If your Windows PC contains unauthorized DLL maliciously implanted by an attacker and you execute the affected installers of the software, the affected installers may cause insecure operation of your Windows PC.
The affected products (“Products”) of the development tool software products for Toshiba original core-based microcontrollers and their versions are shown in "List of affected products". If you use the Products, please refer to “Contact and way to get the updated products” in order to get authorized updates. The EOL announced products listed below also have a security vulnerability but no available updated files. We strongly recommend discontinued use of these products. If you have any questions about the EOL announced products, please feel free to contact us.
List of affected products
Contact and way to get the updated products
EOL announced products
Affected products
All products of microcontroller development tool software for Toshiba original core-based microcontrollers released before August 2019.
How to confirm affected products
The affected installers of the Products contain an issue with their DLL (Dynamic Link Libraries) path, which may unintentionally load DLL if executed.
If your Windows PC contains unauthorized DLL maliciously implanted by an attacker and you execute the affected installers of the Products, the affected installers may cause unintentional operations on your Windows PC.
Please use the updated products.
The updated products should be used on Windows 10.
Product name |
File name |
Version |
---|---|---|
Toshiba IDE (Integrated Development Environment) |
sw00mn0-zccv230.exe |
V2.30 or later |
TLCS-870/X Series debugger |
sw88dn9-zcfuv250.exe |
V2.50 or later |
TLCS-870 Series debugger
|
sw87dn9-zcfuv250.exe |
V2.50 or later |
TX19A,A/H1 Series C compiler |
sw00mn0-zccv220.exe (Included in Toshiba IDE) |
V2.33 or later |
TLCS-900 Family C compiler |
sw00mn0-zccv220.exe (Included in Toshiba IDE) |
V2.10 or later |
TLCS-870/C,TLCS-870/C1 Series C compiler |
sw00mn0-zccv220.exe (Included in Toshiba IDE) |
V2.10 or later |
TLCS-870/X Series C compiler & assembler set |
sw88cn0-z0fv230.exe |
V2.30 or later |
TLCS-870 Series C/C-Like compiler & assembler set |
sw87cn0-z0fv220.exe |
V2.20 or later |
FLASH programmer |
sw00fn0-zccv400.exe |
V4.00 or later |
Information about the vulnerability is as follows.
April 2, 2021 | First release of the information about the vulnerability |
---|
Please contact our website and get the updated products from our customer service team.
Please enter the necessary information in "Contact us" at the top of our website to receive the updated products from our customer service team.
Please fill in the required form "*" and enter "Update microcontroller development tool software" and your "Updated Products" in " Question ".