What is the severity of CVE-2019-14307?

The severity of CVE-2019-14307 is critical with a CVSS score of 9.8.

How do I determine if my Ricoh printer is affected by CVE-2019-14307?

Check the firmware version of your Ricoh printer and see if it matches the affected versions mentioned in the vulnerability description.

What can an attacker do with CVE-2019-14307?

An attacker can cause a denial of service or execute arbitrary code on the affected Ricoh printers by sending crafted requests to the web server.

How do I fix CVE-2019-14307?

Update the firmware of the affected Ricoh printers to a version that is not vulnerable to CVE-2019-14307.

Where can I find more information about CVE-2019-14307?

You can find more information about CVE-2019-14307 on the JVN website and Ricoh's official support and download page.

Vulnerability/
CVE-2019-14307

critical

9.8

CWE

119

26/8/2019

5/8/2024

CVE-2019-14307: Buffer Overflow

First published: Mon Aug 26 2019(Updated: )

Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for SNMP, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration is cpe:2.3:o:ricoh:sp_c250sf_firmware:-:*:*:*:*:*:*:* up to (including) 1.12 running on cpe:2.3:o:ricoh:sp_c250sf:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252sf:-:*:*:*:*:*:*:*.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Ricoh SP C250SF	<1.13
Ricoh SP C250SF Firmware
Ricoh SP C252sf Firmware	<1.13
Ricoh SP C252sf Firmware
Ricoh SP C250dn Firmware	<1.07
Ricoh Sp C250sf
Ricoh SP C252dn Firmware	<1.07
Ricoh SP C252dn Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-14307?
The severity of CVE-2019-14307 is critical with a CVSS score of 9.8.
How do I determine if my Ricoh printer is affected by CVE-2019-14307?
Check the firmware version of your Ricoh printer and see if it matches the affected versions mentioned in the vulnerability description.
What can an attacker do with CVE-2019-14307?
An attacker can cause a denial of service or execute arbitrary code on the affected Ricoh printers by sending crafted requests to the web server.
How do I fix CVE-2019-14307?
Update the firmware of the affected Ricoh printers to a version that is not vulnerable to CVE-2019-14307.
Where can I find more information about CVE-2019-14307?
You can find more information about CVE-2019-14307 on the JVN website and Ricoh's official support and download page.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/last-modified-date
agent/author
agent/first-publish-date
agent/description
agent/event
agent/source
agent/weakness
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ricoh
canonical/ricoh sp c250sf firmware
canonical/ricoh sp c252sf firmware
canonical/ricoh sp c250dn firmware
canonical/ricoh sp c250sf
canonical/ricoh sp c252dn firmware

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.