CVE-2019-14301
high-risk
Published 2020-01-10
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).
Do I need to act?
-
0.40% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
Sp 213Suw Firmware
Sp 213Sfnw Firmware
Sp 213Sfw Firmware
Sp 213Sfnw \(Taiwan\) Firmware
Sp 212Nw Firmware
Sp 213Nw Firmware
Sp 213Nw \(Taiwan\) Firmware
Sp 212W Firmware
Sp 213W Firmware
Sp C250Sf Firmware
Sp C252Sf Firmware
Sp C250Dn Firmware
Sp C252Dn Firmware
M C250Fw Firmware
M C250Fwb Firmware
P C300W Firmware
P C301W Firmware
Sp 330Sn Firmware
Sp 330Sfn Firmware
Sp 330Dn Firmware
Affected Vendors
References (4)
Third Party Advisory
http://jvn.jp/en/jp/JVN52962201/index.html
Vendor Advisory
https://www.ricoh.com/info/2019/0823_1/
Third Party Advisory
http://jvn.jp/en/jp/JVN52962201/index.html
Vendor Advisory
https://www.ricoh.com/info/2019/0823_1/
54
/ 100
high-risk
Severity
26/34 · High
Exploitability
2/34 · Minimal
Exposure
26/34 · High