Notice of security investigation: Arbitrary code execution vulnerability caused by ECF library implementation.

First published: 04:30 am on June 18, 2024 (2024-06-18T13:30:00+09:00)
Ricoh Company, Ltd.

Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for its customers worldwide.
Ricoh is aware that the reported "Arbitrary code execution vulnerability" affects certain products and services that Ricoh develops, manufactures, and offers.

 

The vulnerability allows an attacker to remotely execute arbitrary code on the OS where the ECF library used in the system is ready to load Apache Commons BeanUtils, an open-source software (OSS) library.

 

Ricoh offers measures detailed below.

  • Advisory ID
    ricoh-prod000077-2024-000004
  • Version
    1.00E
  • CVE ID (CWE ID)
    CVE-2024-36252 (CWE-923)
  • CVSSv3 base score
    6.3 MEDIUM

Potential impact

An attacker can remotely execute arbitrary code on the OS where RICOH Streamline NX PC Client is installed.

Affected components and versions

| Products or Services | Components | Versions |
|---|---|---|
| RICOH Streamline NX V3 | RICOH Streamline NX PC Client | v3.6.x and earlier |

Check the version of the product by one of the following methods on the PC running RICOH Streamline NX PC Client.

  • Right-click the icon in the task tray and display the "Version Information" menu.
  • Check the version of "RICOH Streamline NX PC Client" from the list of "Programs and Features" in the Control Panel.

Resolution

Please update RICOH Streamline NX PC Client to a version that addresses this vulnerability.

 

Fixed version: 
3.231.0
3.7.2.1 *
3.6.2.2
3.5.1.202
3.4.3.2

 

*Note: Versions 3.7.0 to 3.7.2 also include a fix for this vulnerability, but we recommend using the latest version, 3.7.2.1, because of the other vulnerability described below.
Notice of security investigation: Vulnerability that an attacker can escalate privileges to NT Authority\System on the OS where RICOH Streamline NX PC Client is installed.
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000005
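
For fleets where the manual check above is impractical, the following PowerShell sketch reads the installed version from the "Programs and Features" registry data and compares it with the fixed versions listed above. It is an added example, not Ricoh's tooling. It assumes the registry DisplayName contains "RICOH Streamline NX PC Client", that the client is installed machine-wide (HKLM), and that each fixed version is the minimum for its own major.minor branch; the function names are hypothetical.

```powershell
# Fixed versions as listed in the advisory. Treating each as the minimum for its own
# major.minor branch is an assumption of this example, not a statement from Ricoh.
$FixedByBranch = @{
    '3.4' = '3.4.3.2'; '3.5' = '3.5.1.202'; '3.6' = '3.6.2.2'
    '3.7' = '3.7.2.1'   # 3.7.0 to 3.7.2 fix this CVE; 3.7.2.1 is the recommended build
    '3.231' = '3.231.0'
}

function ConvertTo-FourPartVersion([string]$Text) {
    # Pad to four parts so '3.231.0' and '3.231.0.0' compare equal ([version] treats
    # a missing part as -1, which would sort below 0).
    $t = "$Text".Trim().TrimStart('v', 'V')
    if ($t -notmatch '^\d{1,9}(\.\d{1,9}){0,3}$') { return $null }
    $parts = @($t -split '\.')
    while ($parts.Count -lt 4) { $parts += '0' }
    return [version]($parts -join '.')
}

function Get-SlnxClientStatus([string]$DisplayVersion) {
    $v = ConvertTo-FourPartVersion $DisplayVersion
    if ($null -eq $v) { return 'Unparseable version: check manually' }
    $branch = '{0}.{1}' -f $v.Major, $v.Minor
    if (-not $FixedByBranch.ContainsKey($branch)) {
        return 'Branch not listed in the advisory: confirm with Ricoh'
    }
    if ($v -ge (ConvertTo-FourPartVersion $FixedByBranch[$branch])) {
        return 'At or above the listed fixed version'
    }
    return "Update to $($FixedByBranch[$branch]) or later"
}

# Inventory the local machine from the 64-bit and 32-bit uninstall registry views.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*RICOH Streamline NX PC Client*' } |
    ForEach-Object {
        [pscustomobject]@{ Computer = $env:COMPUTERNAME; Version = $_.DisplayVersion
                           Status = Get-SlnxClientStatus $_.DisplayVersion }
    }

# Constructed sample values, to show the classification without a client installed.
'3.6.2.1', 'v3.7.1', '3.231.0.0', '3.3.0' | ForEach-Object {
    '{0,-10} {1}' -f $_, (Get-SlnxClientStatus $_)
}
```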


Contact:

Please contact your local Ricoh representative or dealer if you have any queries.

History:
2024-06-18T13:30:00+09:00 : 1.00E Initial public release

The distribution URL of this page:
https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000077-2024-000004
Please note that any copy or paraphrase of the text of this document that differs in content from the distribution URL link, or omits the URL, is an uncontrolled copy and may lack important information or contain factual errors.