Toshiba PSIRT
The Toshiba Product Security Incident Response Team (PSIRT) is
an organization responsible for addressing the security vulnerabilities found
in the products of Toshiba Group.
Roles
Toshiba Group has a product security risk management system designed to reduce the security risk of its products.
Toshiba PSIRT handles all queries concerning product security from the organizations concerned in Japan and abroad. All such queries are handled through an enhanced escalation system so as to improve the security quality of the Group’s products.
Toshiba PSIRT is committed to ensuring that vulnerability information acquired from customers and organizations concerned is properly managed within Toshiba Group and to promptly responding to product security incidents while interacting with the Information Security Early Warning Partnership.
In addition, Toshiba PSIRT shares vulnerability information across Toshiba Group with the aim of preventing similar vulnerabilities. It also incorporates security quality requirements into in-house quality regulations on product development so as to reduce the security risk of the products shipped.
Product Security Team Organization
Vulnerability disclosure policy
Click here to view our vulnerability disclosure policy.
List of vulnerabilitiy advisories
- June 14, 2024Response to vulnerabilities in Toshiba Tec’s digital multi-function peripherals (Toshiba Tec Corporation)
- May 31, 2024Response to vulnerabilities in Toshiba Tec’s digital multi-function peripherals (Toshiba Tec Corporation)
- March 6, 2024Response to vulnerability in the "Web Browser Configuration" function installed in some Toshiba Tec’s digital multi-function peripherals (Toshiba Tec Corporation)
- June 29, 2023Response to vulnerability in the "Web Browser Configuration" function installed in some Toshiba Tec’s digital multi-function peripherals (Toshiba Tec Corporation)
- January 17, 2022Security patch for ESMPRO/ServerManager (Apache Log4j vulnerability : JVNVU#96768815) (Japanese) (Toshiba Digital Solutions Corporation)
- January 17, 2022Solution for Apache Log4j vulnerability of PowerChute Business Edition v10.0 (CVE-2021-44228) (Japanese) (Toshiba Digital Solutions Corporation)
- April 2, 2021Installers of development tool software products for Toshiba original core-based microcontrollers have a security vulnerability (Toshiba Electronic Devices & Storage Corporation)
Announcements
- June 16, 2021Toshiba became a CNA under JPCERT/CC
- September 25, 2017Security notification – The subspecies of Ransomware Petya cyber attack
- May 29, 2017Security notification – WannaCrypt Ransomware cyber attack
Contact Information
Click here for contact information.