Policy for informasjonskapsler

Ricoh bruker datainnsamlingsverktøy som f.eks. informasjonskapsler for å forbedre opplevelsen din når du bruker nettstedet. Du kan lære hvordan man endrer disse innstillingene og henter mer informasjon om informasjonskapsler her.

Update: Notice on Ripple20 Treck TCP/IP Stack Potential Vulnerabilities

First published July 8, 2020
Date of current status July 31, 2020

Ricoh Company, Ltd.

Ricoh is aware of the security vulnerabilities known as the “Ripple20” disclosed by the JSOF on June 16, 2020. These vulnerabilities could potentially allow a remote hacker to trigger an information leak if a specific TCP/IP stack version is used.

https://www.jsof-tech.com/ripple20/

https://us-cert.cisa.gov/ics/advisories/icsa-20-168-01

We have confirmed that Ricoh A3-sized multi-function printers, production printers, digital duplicators, Interactive White Boards, projectors, and Unified Communication Systems do not use IP stack modules from Treck Inc. and Kasago of Zuken Elmic, Inc. The affected printers and A4-sized multi-function printers are confirmed only as following:

Model NameCVEs

SP 230SFNw 

SP 230DNw

  • CVE-2019-12264
  • CVE-2020-11896
  • CVE-2020-11898
  • CVE-2020-11900
  • CVE-2020-11901
  • CVE-2020-11902
  • CVE-2020-11903
  • CVE-2020-11906
  • CVE-2020-11907
  • CVE-2020-11909
  • CVE-2020-11910
  • CVE-2020-11911
  • CVE-2020-11912
  • CVE-2020-11913
  • CVE-2020-11914

P 201W 

M 340W 

M 340FW (China model)

  • CVE-2019-12264
  • CVE-2020-11896
  • CVE-2020-11898
  • CVE-2020-11900 
  • CVE-2020-11901 
  • CVE-2020-11902
  • CVE-2020-11903
  • CVE-2020-11906
  • CVE-2020-11907
  • CVE-2020-11909
  • CVE-2020-11910
  • CVE-2020-11911
  • CVE-2020-11912
  • CVE-2020-11913
  • CVE-2020-11914
Aficio SP 1210N
  • CVE-2019-12264
  • CVE-2020-11896
  • CVE-2020-11898
  • CVE-2020-11902
  • CVE-2020-11900
  • CVE-2020-11901
  • CVE-2020-11903
  • CVE-2020-11906
  • CVE-2020-11907
  • CVE-2020-11908
  • CVE-2020-11909
  • CVE-2020-11910
  • CVE-2020-11912
  • CVE-2020-11913
  • CVE-2020-11914

Aficio GX e3300N 

Aficio GX e7700N

  • CVE-2019-12264
  • CVE-2020-11911
  • CVE-2020-11901
  • CVE-2020-11912
  • CVE-2020-11903
  • CVE-2020-11907
  • CVE-2020-11910

THE POTENTIAL VULNERABILITY SUMMARY

The affected printer has potential vulnerabilities which may cause a device stall, memory destruction, and network failure, but won't be exploited by a springboard attack or cause confidential information leakage. Please visit here.

This vulnerability will not affect devices connected to the customer's network if the network is properly configured against external attacks. Ricoh recommends always using best practices for network protection, including:

  1. When the device is connected to a network, ensure that the network is protected, for example, by a firewall.
  2. Install the device in a secure network where users restrictions are in place.

RESOLUTION

Please download the updated firmware as below. Ricoh will release further updated firmware on the driver site as it is available.


Model NameNew Firmware VersionSolved CVEs
Aficio GX e3300N

Ver.1.19 

https://support.ricoh.com/bb/html/dr_ut_e/re2/model/gxe330/gxe330.htm



CVE-2020-11907

Aficio GX e7700N

Ver.1.05

https://support.ricoh.com/bb/html/dr_ut_e/rc2/model/gxe770/gxe770.htm

The security and integrity of our customers' data and devices remain of utmost importance to Ricoh and will publish additional advisories for any other affected models, when applicable.

For further details on best practices for securely setting up your printer or MFP, please visit here.

|Om Ricoh|

Ricoh legger til rette for digitale arbeidsplasser ved hjelp av innovative teknologier og tjenester som lar ansatte jobbe smartere. I mer enn 80 år har Ricoh vært pådriver for innovasjon, og er i dag en ledende leverandør av løsninger innen dokumenthåndtering, møteromsløsninger, IT-tjenester, kommersielt og industrielt trykk, digitale kameraer og industrielle systemer.

Hovedkvarteret ligger i Tokyo, og Ricoh Group driver forretninger i rundt 200 land og regioner. I finansåret som ble avsluttet i mars 2019 hadde Ricoh Group et globalt salg på 2 013 milliarder yen som tilsvarer rundt 18,1 milliarder USD)

For mer informasjon, se www.ricoh.no


Eller ta kontakt med:
Pål Arne Grøttem
Sales 
and Marketing Director
Ricoh Norge AS
Innspurten 13
0663 Oslo
Norway
Tel: + 47
48046000
paal.arne.grottem@ricoh.no 

Nettside: www.ricoh.no 

Følg oss på Facebook: https://www.facebook.com/RicohNorge/ 
Følg oss på LinkedIn: www.linkedin.com/company/ricoh-norge-as
Følg oss på Twitter: www.twitter.com/ricoheurope
Registrer deg på Ricohs mediesenter: www.ricoh-europe.com/press