Ricoh Printers and MFPs Vulnerable to Remote Code Execution – CVE-2024-47939 (CVSS 9.8)

A critical vulnerability has been discovered in Ricoh’s Web Image Monitor, impacting a wide range of their printer and MFP products.

The vulnerability, identified as CVE-2024-47939 and assigned a CVSS score of 9.8, could allow attackers to execute arbitrary code or cause a denial-of-service (DoS) condition. This vulnerability stems from a stack-based buffer overflow caused by improper handling of HTTP requests within the Web Image Monitor.

Ricoh’s Web Image Monitor is a web server embedded in many of their laser printers and MFPs, providing a web-based interface for device management and monitoring. An attacker could exploit this vulnerability by sending a specially crafted HTTP request to the device.

“Ricoh has identified a buffer overflow vulnerability (CVE-2024-47939) when using the Web Image Monitor that could potentially allow a denial of service (DoS) or remote code execution attack,” reads the security advisory.

The impact of successful exploitation could be severe. An attacker who gains code execution could take complete control of the affected device, which could lead to data breaches, malware propagation, or disruption of printing services.

Ricoh has acknowledged the vulnerability and has released firmware updates to address the issue. Users of affected devices are strongly urged to update their firmware to the latest version immediately. A full list of affected devices and corresponding firmware updates can be found on the Ricoh security advisories page.

Organizations should prioritize patching vulnerable devices to minimize their attack surface and protect their networks from potential cyberattacks.