Ricoh Printers and MFPs Vulnerable to Remote Code Execution – CVE-2024-47939 (CVSS 9.8)
A critical vulnerability has been discovered in Ricoh’s Web Image Monitor, impacting a wide range of their printer and MFP products.
The vulnerability, identified as CVE-2024-47939 and assigned a CVSS score of 9.8, could allow attackers to execute arbitrary code or cause a denial-of-service (DoS) condition. This vulnerability stems from a stack-based buffer overflow caused by improper handling of HTTP requests within the Web Image Monitor.
Ricoh’s Web Image Monitor is a web server embedded in many of their laser printers and MFPs, providing a web-based interface for device management and monitoring. An attacker could exploit this vulnerability by sending a specially crafted HTTP request to the device.
“Ricoh has identified a buffer overflow vulnerability (CVE-2024-47939) when using the Web Image Monitor that could potentially allow a denial of service (DoS) or remote code execution attack,” reads the security advisory.
The impact of successful exploitation could be severe. Attackers could take complete control of the affected device, potentially leading to data breaches, malware propagation, or disruption of printing services.
Ricoh has acknowledged the vulnerability and has released firmware updates to address the issue. Users of affected devices are strongly urged to update their firmware to the latest version immediately. A full list of affected devices and corresponding firmware updates can be found on the Ricoh security advisories page.
Organizations should prioritize patching vulnerable devices to minimize their attack surface and protect their networks from potential cyberattacks.