Lucene search

Sp C252Sf Firmware Security Vulnerabilities - 2020

cve

CVE-2019-14299

Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force.

9.8CVSS

9.2AI Score

0.002EPSS

2020-03-13 07:15 PM

cve

CVE-2019-14301

Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).

7.5CVSS

8.2AI Score

0.001EPSS

2020-01-10 06:15 PM

103

cve

CVE-2019-14302

On Ricoh SP C250DN 1.06 devices, a debug port can be used.

6.8CVSS

6.8AI Score

0.001EPSS

2020-01-10 06:15 PM

102

cve

CVE-2019-14303

Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). Some Ricoh printers were affected by a wrong LPD service implementation that lead to a denial of service vulnerability.

7.5CVSS

7.4AI Score

0.001EPSS

2020-03-13 07:15 PM

cve

CVE-2019-14304

Ricoh SP C250DN 1.06 devices allow CSRF.

8.8CVSS

8.7AI Score

0.001EPSS

2020-01-10 06:15 PM

104

cve

CVE-2019-14306

Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).

7.5CVSS

7.9AI Score

0.001EPSS

2020-01-10 06:15 PM

100

cve

CVE-2019-14309

Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware. This would allow to an attacker to access and read information stored on the shared FTP folders.

7.5CVSS

7.3AI Score

0.002EPSS

2020-03-13 07:15 PM

cve

CVE-2019-14310

Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified in the way of how the embedded device parsed the IPP packets

9.8CVSS

9.3AI Score

0.002EPSS

2020-03-13 07:15 PM