Update: Notice on potential impact of vulnerability CVE-2021-33945 towards Ricoh products and services
Last updated: July 11, 2022
First published: February 28, 2022
Ricoh Company, Limited.
Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for customers around the world.
Ricoh is aware of the registration of CVE-2021-33945, a vulnerability that could potentially allow denial-of-service (DoS) attacks by causing certain MFPs/printers to consume large amounts of memory. This vulnerability is due to module behaviour, and Ricoh products that use this module are listed here as affected products.
Ricoh has released updated firmware on its driver site. Please download and apply the updated firmware as instructed.
WORKAROUND FOR CUSTOMERS USING IMPACTED PRODUCTS
When using products impacted by this security issue, Ricoh strongly advises that customers use SSID (Service Set Identifier) and password and avoid using a WPS (Wi-Fi® Protected Setup) connection when establishing a wireless connections. Please refer to the following steps.
|Models||Network connection by selecting an access point from the network list||Network connection by direct input of SSID|
|with touch panel|
|with 4-line LCD panel|
|with 2-line LCD panel|
|without LCD panel||—|
Ricoh is committed to supporting customers across the globe, enabling them to operate Ricoh products equipped with the latest security settings. Please note that this page will be updated if there is a change in the status. For further details on best practices for securely setting up your printer or MFP, please visit here.