04/19/2024 | Press release | Distributed by Public on 04/19/2024 09:08
Ricoh has identified a server-side request forgery vulnerability (CVE-2023-50733), a firmware downgrade prevention vulnerability (CVE-2023-50738) and a buffer overflow vulnerability (CVE-2023-50739) towards Ricoh printers.
List 1 below shows the affected printers. Ricoh offers countermeasures detailed in the hyperlinked pages in the list.
CVE-2023-50733:Server-Side Request Forgery (SSRF) vulnerability in the Web Services feature that can be leveraged by an attacker to execute arbitrary code.
CVE-2023-50738:Firmware downgrade prevention vulnerability that can be leveraged by an attacker to execute arbitrary code.
CVE-2023-50739:Buffer overflow vulnerability in the Internet Printing Protocol (IPP) that can be leveraged by an attacker to execute arbitrary code.
List 1: Ricoh products and services affected by this vulnerabilityProduct/service | Link to details |
P C200W | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000065-2024-000003 |
M C240FW | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000067-2024-000003 |
Please contact your local Ricoh representative or dealer if you have any queries.