CVE-2022-43969

high-risk
Published 2023-02-16

Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials.

Do I need to act?

-
0.33% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (20)

Mp C307 Firmware
Mp C407 Firmware
Mp C406 Firmware
Mp C306 Firmware
Im Cw2200 Firmware
Im Cw2201 Firmware
Mp 402Spf Firmware
Mp C2003 Smart Operation Panel Firmware
Mp C2503 Smart Operation Panel Firmware
Mp C2003 Firmware
Mp C2503 Firmware
Mp C4503 Firmware
Mp C5503 Firmware
Mp C6003 Firmware
Mp C3003 Firmware
Mp C3503 Firmware
Mp C4503 Smart Operation Panel Firmware
Mp C5503 Smart Operation Panel Firmware
Mp C6003 Smart Operation Panel Firmware
Mp C3003 Smart Operation Panel Firmware

Affected Vendors

Ricoh

References (4)

Vendor Advisory https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2022-000002
Product https://www.ricoh.com/software/dev_soft_manager
Vendor Advisory https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2022-000002
Product https://www.ricoh.com/software/dev_soft_manager
60
/ 100
high-risk
Severity 31/34 · Critical
Exploitability 1/34 · Minimal
Exposure 28/34 · Critical