Critical Vulnerability in Ricoh Printers

A critical vulnerability discovered in Ricoh's Web Image Monitor software affects many of the company's printers and multifunction devices (MFPs). Tracked as CVE-2024-47939 and rated 9.8 on the CVSS scale, the flaw allows attackers to execute code remotely or carry out denial-of-service (DoS) attacks.

The affected products are as follows:

MP 501SPF/601SPF: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000123-2024-000011
IM 550F/600F/600SRF: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000013-2024-000011
SP 5300DN/5310DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000135-2024-000011
P 800/801: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000136-2024-000011
IM 2702: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000009-2024-000011
MP C8003/C6503: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000128-2024-000011
IM C6500/C8000: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000001-2024-000011
IM 350F/350/430F/430Fb: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000016-2024-000011
P 501/502: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000137-2024-000011
IM 2500/3000/3500/4000/5000/6000: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000010-2024-000011
MP 2555/3055/3555/4055/5055/6055: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000011-2024-000011
SP 8400DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000138-2024-000011
SP 6430DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000139-2024-000011
IM C530F/C530FB: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000017-2024-000011
MP 402SPF: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000057-2024-000011
IM C400F/C400SRF/C300F/C300: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000008-2024-000011
P C600: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000143-2024-000011
Aficio MP 2001/2501: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000219-2024-000011
MP 6503/7503/9003: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000058-2024-000011
IM 7000/8000/9000: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000012-2024-000011
MP C3003/C3503 (The model without Smart Operation Panel): Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000041-2024-000011
MP C4503/C5503/C6003 (The model without Smart Operation Panel): Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000042-2024-000011
MP C2003/C2503 (The model without Smart Operation Panel): Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000043-2024-000011
RICOH MP C3004ex/C3504ex: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000035-2024-000011
RICOH MP C2004ex/C2504ex: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000037-2024-000011
RICOH MP C4504ex/C5504ex/C6004ex: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000036-2024-000011
RICOH MP C3004/C3504: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000002-2024-000011
RICOH MP C2004/C2504: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000004-2024-000011
RICOH MP C4504/C5504/C6004: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000003-2024-000011
IM C3000/C3500: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000005-2024-000011
IM C2000/C2500: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000007-2024-000011
IM C4500/C5500/C6000: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000006-2024-000011
SP C840DN/C842DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000144-2024-000011
SP C340DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000232-2024-000011
SP C342DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000233-2024-000011
MP C501SP: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000130-2024-000011
IM CW2200: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000060-2024-000011
IP CW2200: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000162-2024-000011
Aficio MP 301: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000223-2024-000011
SP C360SNw/C360SFNw/C361SFNw: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000055-2024-000011
SP C352DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000239-2024-000011
SP C360DNw: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000146-2024-000011
SP C435DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000147-2024-000011
SP C440DN: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000148-2024-000011
MP C3003/C3503 (The model with Smart Operation Panel): Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000038-2024-000011
MP C4503/C5503/C6003 (The model with Smart Operation Panel): Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000039-2024-000011
MP C2003/C2503 (The model with Smart Operation Panel): Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000040-2024-000011
MP C6502/C8002: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000225-2024-000011
MP 2554/3054/3554/4054/5054/6054: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000255-2024-000011
MP 2554ZSP/3054ZSP/3554ZSP/4054AZSP/5054AZSP/6054ZSP: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000216-2024-000011
MP C306/C406: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000061-2024-000011
Pro 8300S/8310S/8320S: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000244-2024-000011
Pro 8310/8320: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000246-2024-000011
Pro C5200S/Pro C5210S: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000247-2024-000011
Pro C5300S/C5310S: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000019-2024-000011
Pro C5300SL: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000161-2024-000011
Pro C7200S/C7210S/C7200SX/C7210SX/C7200SL: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000056-2024-000011
Pro C7200/C7210/C7200X/C7210X/C7200e: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000250-2024-000011
Pro C9100/9110: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000241-2024-000011
Pro C7100S/C7110S/C7100SX/C7110SX: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000248-2024-000011
Pro C7100/C7110/C7100X/C7110X: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000249-2024-000011
Pro C9200/9210: Affected. Details: https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000242-2024-000011

Web Image Monitor is an embedded web server found in many Ricoh laser printers and MFPs, used for device management and monitoring. Attackers can exploit this vulnerability by sending a specially crafted HTTP request.
