Potential impact of remote code execution vulnerability (CVE-2023-507354, CVE-2023-507355, CVE-2023-507356, CVE-2023-507357) towards Ricoh printersRicoh has identified multiple vulnerabilities involving remote code execution affecting M C240 (CVE-2023-507354, CVE-2023-507355, CVE-2023-507356, CVE-2023-507357).
Ricoh offers measures detailed below.
These vulnarevilities allow arbitrary code to be executed remotely.
| Products or Services | Components | Versions |
|---|---|---|
| M C240FW | Firmware | Ver.1.09(230.041) or earlier |
Do the following to determine the firmware version of the device:
1. Select the following from the operation panel.
Settings → Reports → Menu Setting Page
2. Check the firmware level listed under “Device Information".
Please download the updated firmware at the following links:
https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/mc240fw/mc240fw.htm
Fixed version:
Ver.1.10(CVE-2023-507354, CVE-2023-507355, CVE-2023-507356)
Ver.1.09(CVE-2023-507357)
Please contact your local Ricoh representative or dealer if you have any queries.
The distribution URL of this page:
https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000067-2024-000001 Please note that any copy or paraphrase of the text of this document that differs in content from the distribution URL link, or omits the URL, is an uncontrolled copy and may lack important information or contain factual errors.
