Specific Ricoh MFP and Printer Products - Vulnerabilities in the PostScript

Ricoh has identified a reflected cross-site scripting vulnerability (XSS) via Web Image monitor (CVE ID is pending).

This vulnerability could allow an arbitrary script to be executed remotely.

The risk of vulnerability can be reduced by not directly connecting the product or service to the Internet, and using it within a network protected by a firewall or broadband router, or by setting a private IP address to make it inaccessible from the Internet.

Vulnerability Information ID: ricoh-2025-000001

Version: 1.01E

CVE ID(CWE ID)

CVSSv3 base score 6.1MEDIUM

To ensure stronger security, please follow the measures outlined below.

https://www.ricoh.com/security/products/setting

List 1 below shows the affected products and services.

List1: Ricoh products and services affected by this vulnerability

Product/service	Link to details
IM 350F/350/430F/430Fb	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000016-2025-000001
M C320FW/C320FSE	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000268-2025-000001
P C375	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000269-2025-000001
IM 550F/600F/600SRF	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000013-2025-000001
SP 5300DN/5310DN	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000135-2025-000001
P 800/801	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000136-2025-000001
IM 350F/350/430F/430Fb	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000137-2025-000001
P 501/502	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000137-2025-000001
IM 2500/3000/3500/4000/5000/6000	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000010-2025-000001
SP 8400DN	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000138-2025-000001
MP 402SPF	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000057-2025-000001
IM C400F/C400SRF/C300F/C300	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000008-2025-000001
P C600	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000143-2025-000001
IM 370/370F/460F/460FTL	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000160-2025-000001
IM 7000/8000/9000	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000012-2025-000001
IM C3000/C3500	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000005-2025-000001
IM C4500/C5500/C6000	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000006-2025-000001
M C2001	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000018-2025-000001
IM C2000/C2500	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000007-2025-000001
IM C3010/C3510	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000156-2025-000001
IM C4510/C5510/C6010	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000157-2025-000001
IM C2010/C2510	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000158-2025-000001
IM C7010	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000159-2025-000001
IM CW2200	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000060-2025-000001
IP CW2200	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000162-2025-000001
SP C352DN	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000239-2025-000001

Contact

Please contact your local Ricoh representative or dealer if you have any queries.

Acknowledgement:

Ricoh would like to thank Juan Pablo Gomez Postigo of Sprocket Security, Niels Eris of HackDefense, and Vincent Theriault of Precicom Technologies Inc. for reporting this vulnerability.

History:

2025-05-01T10:00:00+09:00 : 1.01E Updated List1

2025-04-30T10:00:00+09:00 : 1.00E Initial public release

| Om Ricoh |

Ricoh är en ledande leverantör av integrerade digitala tjänster samt utskrifts- och bildlösningar utformade för att stödja den digitala omvandlingen av arbetsplatser och arbetsytor samt optimera företagsprestanda.

Med huvudkontor i Tokyo når Ricohs globala verksamhet kunder i cirka 200 länder och regioner, stödd av förvärvad kunskap, teknologi och organisatorisk kapacitet som har utvecklats under dess 85-åriga historia. Under det finansiella året som avslutades i mars 2024 hade Ricoh-koncernen en global försäljning på 2 348 miljarder yen (ca 15,5 miljarder USD).

Det är Ricohs uppdrag och vision att ge människor möjlighet att förverkliga sig själva genom arbete genom att förstå och förändra hur människor arbetar så att vi kan frigöra deras potential och kreativitet för att förverkliga en hållbar framtid.

För mer information, vänligen besök www.ricoh-europe.com alternativt www.ricoh.se

Mediakontakt:
Ricoh Europe PLC
Charlotte Fernandez
E-mail: media@ricoh-europe.com
Homepage: www.ricoh-europe.com

Följ oss på X: www.twitter.com/ricoheurope
Följ oss på LinkedIn: www.linkedin.com/company/ricoh-sverige-ab
Följ oss på Youtube: www.youtube.com/ricoheurope

Företagslösningar

Produkter och tjänster

Din supportplattform

Tonerreturer och förfalskningar

Håll dig uppdaterad

Om oss

Alla insikter

Format

Tema

On the Spot​

Specific Ricoh MFP and Printer Products - Vulnerabilities in the PostScript

List1: Ricoh products and services affected by this vulnerability

Företagslösningar

Produkter och tjänster

Support och kontakt

Resurser