Vulnerability Description
Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ricoh | Sp C250Sf Firmware | All versions |
| Ricoh | Sp C250Sf | - |
| Ricoh | Sp C252Sf Firmware | All versions |
| Ricoh | Sp C252Sf | - |
| Ricoh | Sp C250Dn Firmware | 1.05 |
| Ricoh | Sp C250Dn | - |
| Ricoh | Sp C252Dn Firmware | All versions |
| Ricoh | Sp C252Dn | - |
Related Weaknesses (CWE)
References
- https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabiThird Party Advisory
- https://www.ricoh-usa.com/en/support-and-downloadVendor Advisory
- https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabiThird Party Advisory
- https://www.ricoh-usa.com/en/support-and-downloadVendor Advisory
FAQ
What is CVE-2019-14299?
CVE-2019-14299 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local acco...
How severe is CVE-2019-14299?
CVE-2019-14299 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-14299?
Check the references section above for vendor advisories and patch information. Affected products include: Ricoh Sp C250Sf Firmware, Ricoh Sp C250Sf, Ricoh Sp C252Sf Firmware, Ricoh Sp C252Sf, Ricoh Sp C250Dn Firmware.