Notification of vulnerabilities in the PostScript interpreter and an input validation vulnerability in the SE Menu towards some Ricoh printers.
Ricoh Europe said it has identified vulnerabilities in the PostScript interpreter (CVE-2023-50734, CVE-2023-50735, CVE-2023-50736) and an input validation vulnerability in the SE Menu (CVE-2023-50737) towards Ricoh printers.
- CVE-2023-50734?Buffer overflow vulnerability in PostScript interpreter that can be leveraged by an attacker to execute arbitrary code.
- CVE-2023-50735?Heap corruption vulnerability in PostScript interpreter that can be leveraged by an attacker to execute arbitrary code.
- CVE-2023-50736?Memory corruption vulnerability in PostScript interpreter that can be leveraged by an attacker to execute arbitrary code.
- CVE-2023-50737?Vulnerability in one of the SE menu routines can be leveraged by an attacker to execute arbitrary code.
List 1 below shows the affected printers. Ricoh offers measures detailed in the hyperlinked pages in the list.
| Product/service | Link to details |
| M C240FW | Affected. For details, please refer to the following URL.
https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000067-2024-000001 |
| P C200W | Affected. For details, please refer to the following URL.
https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000065-2024-000001 |
Ricoh asked customers to contact their representative or dealer with any queries.
