Due to new potential security vulnerabilities in some of its printers and multifunction printers (MFPs), Ricoh has issued new firmware updates.
Ricoh has provided new firmware updates to address the newly identified vulnerabilities. The firmware version was amended on 27 August.
Models effected are Ricoh SP C250SF and SP C252SF with identified security vulnerabilities CVE-2019-14300, 14305, 14307 and 14308, which are all corrected by installing firmware ver.1.13, released in August 2019.
Also effected are Ricoh SP C250DN and SP C252DN devices with identified security vulnerabilities CVE-2019-14300, 14305, 14307 and 14308, which are all corrected by installing firmware ver.1.07, released in August 2019.
To minimise potential security risks, Ricoh is asking that customers follow the below practices.
- When the device is connected to a network, make sure that the network is protected, for instance, by a firewall.
- Install the device in a secure network where users are restricted.
- To protect the device from fraudulent operation by malicious persons, make sure to set up and periodically change passwords for the administrator and supervisor.
- Complex passwords more than eight characters are recommended.
- Install the device in an environment under appropriate physical security to prevent unauthorized access.