Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified in the way of how the embedded device parsed the IPP packets
References
Link | Resource |
---|---|
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-ricoh-printers/ | Third Party Advisory |
https://www.ricoh-usa.com/en/support-and-download | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2020-03-13 12:15
Updated : 2020-08-24 10:37
NVD link : CVE-2019-14310
Mitre link : CVE-2019-14310
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
ricoh
- sp_c252sf
- sp_c252dn
- sp_c250dn
- sp_c252sf_firmware
- sp_c250dn_firmware
- sp_c250sf
- sp_c252dn_firmware
- sp_c250sf_firmware