CVE-2024-39927
8.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
Out-of-bounds write vulnerability exists in Ricoh MFPs and printers. If a remote attacker sends a specially crafted request to the affected products, the products may be able to cause a denial-of-service (DoS) condition and/or user's data may be destroyed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ricoh Company, Ltd. | IM C3510/C3010 | prior to System/Copy 2.00-00 | affected |
| Ricoh Company, Ltd. | IM C6010/C5510/C4510 | prior to System/Copy 2.00-00 | affected |
| Ricoh Company, Ltd. | IM C2510/C2010 | prior to System/Copy 2.00-00 | affected |
| Ricoh Company, Ltd. | IM C7010 | prior to System/Copy 1.05-00 | affected |
| Ricoh Company, Ltd. | IM 460F/460FTL/370/370F | prior to System/Copy 1.10-00 | affected |
| Ricoh Company, Ltd. | IM C8500/C8510M/C8500/C8500M | prior to System 1.04-00 | affected |
Weaknesses
- Out-of-bounds write
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
- https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000008
- https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000008
- https://jvn.jp/en/jp/JVN14294633/
- https://jvn.jp/jp/JVN14294633/
References
- https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000008
- https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000008
- https://jvn.jp/en/jp/JVN14294633/
- https://jvn.jp/jp/JVN14294633/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.