{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-22028","assignerOrgId":"ede6fdc4-6654-4307-a26d-3331c018e2ce","state":"PUBLISHED","assignerShortName":"jpcert","dateReserved":"2024-01-04T02:17:28.653Z","datePublished":"2024-01-15T06:53:27.089Z","dateUpdated":"2025-06-03T14:01:12.809Z"},"containers":{"cna":{"affected":[{"vendor":"THREE R SOLUTION CORP. JAPAN","product":"3R-TMC01","versions":[{"version":"all firmware versions","status":"affected"}]},{"vendor":"THREE R SOLUTION CORP. JAPAN","product":"3R-TMC02","versions":[{"version":"all firmware versions","status":"affected"}]},{"vendor":"THREE R SOLUTION CORP. JAPAN","product":"3R-TMC03","versions":[{"version":"all firmware versions","status":"affected"}]},{"vendor":"THREE R SOLUTION CORP. JAPAN","product":"3R-TMC04","versions":[{"version":"all firmware versions","status":"affected"}]},{"vendor":"THREE R SOLUTION CORP. JAPAN","product":"3R-TMC05","versions":[{"version":"all firmware versions","status":"affected"}]},{"vendor":"THREE R SOLUTION CORP. JAPAN","product":"3R-TMC06","versions":[{"version":"all firmware versions","status":"affected"}]}],"descriptions":[{"lang":"en","value":"Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data."}],"problemTypes":[{"descriptions":[{"description":"Insufficient verification of data authenticity","lang":"en","type":"text"}]}],"references":[{"url":"https://3rrr-btob.jp/archives/news/23624"},{"url":"https://jvn.jp/en/jp/JVN96240417/"}],"providerMetadata":{"orgId":"ede6fdc4-6654-4307-a26d-3331c018e2ce","shortName":"jpcert","dateUpdated":"2024-01-15T06:53:27.089Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T22:35:34.809Z"},"title":"CVE Program Container","references":[{"url":"https://3rrr-btob.jp/archives/news/23624","tags":["x_transferred"]},{"url":"https://jvn.jp/en/jp/JVN96240417/","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-noinfo Not enough information"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":4.6,"attackVector":"PHYSICAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-05-08T17:36:05.680907Z","id":"CVE-2024-22028","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-03T14:01:12.809Z"}}]}}