{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39927", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2024-07-04T00:02:54.476Z", "datePublished": "2024-07-10T06:55:19.636Z", "dateUpdated": "2024-08-02T04:33:11.023Z"}, "containers": {"cna": {"affected": [{"vendor": "Ricoh Company, Ltd.", "product": "IM C3510/C3010", "versions": [{"version": "prior to System/Copy 2.00-00", "status": "affected"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM C6010/C5510/C4510", "versions": [{"version": "prior to System/Copy 2.00-00", "status": "affected"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM C2510/C2010", "versions": [{"version": "prior to System/Copy 2.00-00", "status": "affected"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM C7010", "versions": [{"version": "prior to System/Copy 1.05-00", "status": "affected"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM 460F/460FTL/370/370F", "versions": [{"version": "prior to System/Copy 1.10-00", "status": "affected"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM C8500/C8510M/C8500/C8500M", "versions": [{"version": "prior to System 1.04-00", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Out-of-bounds write vulnerability exists in Ricoh MFPs and printers. If a remote attacker sends a specially crafted request to the affected products, the products may be able to cause a denial-of-service (DoS) condition and/or user's data may be destroyed."}], "problemTypes": [{"descriptions": [{"description": "Out-of-bounds write", "lang": "en", "type": "text"}]}], "references": [{"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000008"}, {"url": "https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000008"}, {"url": "https://jvn.jp/en/jp/JVN14294633/"}, {"url": "https://jvn.jp/jp/JVN14294633/"}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-07-10T06:55:19.636Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "affected": [{"vendor": "ricoh", "product": "im_c3510", "cpes": ["cpe:2.3:h:ricoh:im_c3510:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c3010", "cpes": ["cpe:2.3:h:ricoh:im_c3010:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c6010", "cpes": ["cpe:2.3:h:ricoh:im_c6010:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c5510", "cpes": ["cpe:2.3:h:ricoh:im_c5510:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c4510", "cpes": ["cpe:2.3:h:ricoh:im_c4510:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c2510", "cpes": ["cpe:2.3:h:ricoh:im_c2510:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c2010", "cpes": ["cpe:2.3:h:ricoh:im_c2010:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c7010", "cpes": ["cpe:2.3:h:ricoh:im_c7010:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_1.05-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_460f", "cpes": ["cpe:2.3:h:ricoh:im_460f:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_1.10-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_460ftl", "cpes": ["cpe:2.3:h:ricoh:im_460ftl:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_1.10-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "370", "cpes": ["cpe:2.3:h:ricoh:370:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_1.10-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "370f", "cpes": ["cpe:2.3:h:ricoh:370f:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_1.10-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c8500", "cpes": ["cpe:2.3:h:ricoh:im_c8500:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_1.04-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c8510m", "cpes": ["cpe:2.3:h:ricoh:im_c8510m:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_1.04-00", "versionType": "custom"}]}, {"vendor": "ricoh", "product": "im_c8500m", "cpes": ["cpe:2.3:h:ricoh:im_c8500m:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "system\\/copy_1.04-00", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-15T13:00:42.871181Z", "id": "CVE-2024-39927", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T13:14:08.398Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.023Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000008", "tags": ["x_transferred"]}, {"url": "https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000008", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/jp/JVN14294633/", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/jp/JVN14294633/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000008", "tags": ["x_transferred"]}, {"url": "https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000008", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/jp/JVN14294633/", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/jp/JVN14294633/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.023Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-39927", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-15T13:00:42.871181Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:ricoh:im_c3510:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c3510", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c3010:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c3010", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c6010:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c6010", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c5510:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c5510", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c4510:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c4510", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c2510:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c2510", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c2010:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c2010", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_2.00-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c7010:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c7010", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_1.05-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_460f:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_460f", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_1.10-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_460ftl:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_460ftl", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_1.10-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:370:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "370", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_1.10-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:370f:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "370f", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_1.10-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c8500:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c8500", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_1.04-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c8510m:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c8510m", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_1.04-00", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:ricoh:im_c8500m:-:*:*:*:*:*:*:*"], "vendor": "ricoh", "product": "im_c8500m", "versions": [{"status": "affected", "version": "0", "lessThan": "system\\/copy_1.04-00", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T13:01:18.153Z"}}], "cna": {"affected": [{"vendor": "Ricoh Company, Ltd.", "product": "IM C3510/C3010", "versions": [{"status": "affected", "version": "prior to System/Copy 2.00-00"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM C6010/C5510/C4510", "versions": [{"status": "affected", "version": "prior to System/Copy 2.00-00"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM C2510/C2010", "versions": [{"status": "affected", "version": "prior to System/Copy 2.00-00"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM C7010", "versions": [{"status": "affected", "version": "prior to System/Copy 1.05-00"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM 460F/460FTL/370/370F", "versions": [{"status": "affected", "version": "prior to System/Copy 1.10-00"}]}, {"vendor": "Ricoh Company, Ltd.", "product": "IM C8500/C8510M/C8500/C8500M", "versions": [{"status": "affected", "version": "prior to System 1.04-00"}]}], "references": [{"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000008"}, {"url": "https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000008"}, {"url": "https://jvn.jp/en/jp/JVN14294633/"}, {"url": "https://jvn.jp/jp/JVN14294633/"}], "descriptions": [{"lang": "en", "value": "Out-of-bounds write vulnerability exists in Ricoh MFPs and printers. If a remote attacker sends a specially crafted request to the affected products, the products may be able to cause a denial-of-service (DoS) condition and/or user's data may be destroyed."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Out-of-bounds write"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-07-10T06:55:19.636Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39927", "state": "PUBLISHED", "dateUpdated": "2024-08-02T04:33:11.023Z", "dateReserved": "2024-07-04T00:02:54.476Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2024-07-10T06:55:19.636Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Out-of-bounds write vulnerability exists in Ricoh MFPs and printers. If a remote attacker sends a specially crafted request to the affected products, the products may be able to cause a denial-of-service (DoS) condition and/or user's data may be destroyed."}, {"lang": "es", "value": "Existe una vulnerabilidad de escritura fuera de los l\u00edmites en las impresoras y equipos multifunci\u00f3n Ricoh. Si un atacante remoto env\u00eda una solicitud especialmente manipulada a los productos afectados, los productos pueden causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) y/o los datos del usuario pueden ser destruidos."}], "id": "CVE-2024-39927", "lastModified": "2024-08-01T13:56:03.057", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-10T07:15:03.317", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000008"}, {"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN14294633/"}, {"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/jp/JVN14294633/"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000008"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}