Vulnerability Description
Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified in the way of how the embedded device parsed the IPP packets
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ricoh | Sp C250Sf Firmware | All versions |
| Ricoh | Sp C250Sf | - |
| Ricoh | Sp C252Sf Firmware | All versions |
| Ricoh | Sp C252Sf | - |
| Ricoh | Sp C250Dn Firmware | 1.05 |
| Ricoh | Sp C250Dn | - |
| Ricoh | Sp C252Dn Firmware | All versions |
| Ricoh | Sp C252Dn | - |
Related Weaknesses (CWE)
References
- https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabiThird Party Advisory
- https://www.ricoh-usa.com/en/support-and-downloadVendor Advisory
- https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabiThird Party Advisory
- https://www.ricoh-usa.com/en/support-and-downloadVendor Advisory
FAQ
What is CVE-2019-14310?
CVE-2019-14310 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified...
How severe is CVE-2019-14310?
CVE-2019-14310 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-14310?
Check the references section above for vendor advisories and patch information. Affected products include: Ricoh Sp C250Sf Firmware, Ricoh Sp C250Sf, Ricoh Sp C252Sf Firmware, Ricoh Sp C252Sf, Ricoh Sp C250Dn Firmware.