RICOH SP C250 Series Use of Hard-coded Credentials (CVE-2019-14309)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501969);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/14");

  script_cve_id("CVE-2019-14309");

  script_name(english:"RICOH SP C250 Series Use of Hard-coded Credentials (CVE-2019-14309)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Ricoh SP C250DN 1.05 devices have a fixed password. FTP service
credential were found to be hardcoded within the printer firmware.
This would allow to an attacker to access and read information stored
on the shared FTP folders.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-ricoh-printers/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e793f04b");
  script_set_attribute(attribute:"see_also", value:"https://www.ricoh-usa.com/en/support-and-download");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14309");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(798);

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/03/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/02/13");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ricoh:sp_c250dn_firmware:1.05");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ricoh:sp_c250sf_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ricoh:sp_c252dn_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ricoh:sp_c252sf_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/RICOH");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/RICOH');

var asset = tenable_ot::assets::get(vendor:'RICOH');

var vuln_cpes = {
    "cpe:/o:ricoh:sp_c250sf_firmware" :
        {"family" : "MFP"},
    "cpe:/o:ricoh:sp_c252sf_firmware" :
        {"family" : "MFP"},
    "cpe:/o:ricoh:sp_c250dn_firmware:1.05" :
        {"versionEndIncluding" : "1.05", "versionStartIncluding" : "1.05", "family" : "MFP"},
    "cpe:/o:ricoh:sp_c252dn_firmware" :
        {"family" : "MFP"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);