Information List by Vulnerability

Specific Ricoh Printer Products - Java TM Platform vulnerability

: First published: 04:00 am on August 06, 2024 (2024-08-06T13:00:00+09:00); Ricoh Company, Ltd.

Ricoh has identified a vulnerability in Java TM Platform that would automatically enable outdated TLS versions (TLS 1.0 and TLS 1.1) when a firmware update is performed.
List 1 below shows the affected products. Ricoh provides countermeasures with detailed information linked in the list.

Vulnerability Information ID

ricoh-2024-000010
Version

1.00E
CVE ID(CWE ID)

CVE-2024-41995 ( CWE-1188)
CVSSv3 base score

2.4 LOW

List1:Ricoh products and services affected by this vulnerability

Product/service	Link to details
SP C340DN	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000232-2024-000010
SP C342DN	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000233-2024-000010
SP C840DN/C842DN	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000144-2024-000010
SP C352DN	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000239-2024-000010
SP 5300DN/5310DN	Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000135-2024-000010

Contact

Please contact your local Ricoh representative or dealer if you have any queries.

History:
2024-08-06T13:00:00+09:00 : 1.00E Initial public release

The distribution URL of this page:
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000010 Please note that any copy or paraphrase of the text of this document that differs in content from the distribution URL link, or omits the URL, is an uncontrolled copy and may lack important information or contain factual errors.