Update: Notice on Ripple20 Treck TCP/IP Stack Potential Vulnerabilities
Ricoh is aware of the security vulnerabilities known as “Ripple20”, disclosed by JSOF on June 16, 2020. These vulnerabilities could potentially allow a remote attacker to trigger an information leak if a specific TCP/IP stack version is used.
https://www.jsof-tech.com/ripple20/
https://www.cisa.gov/news-events/ics-advisories/icsa-20-168-01
We have confirmed that Ricoh A3-sized multi-function printers, production printers, digital duplicators, Interactive White Boards, projectors, and Unified Communication Systems do not use IP stack modules from Treck Inc. and Kasago of Zuken Elmic, Inc. The affected printers and A4-sized multi-function printers are limited to the following:
Model name | CVEs |
SP 230SFNw SP 230DNw | CVE-2019-12264 CVE-2020-11896 CVE-2020-11898 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11906 CVE-2020-11907 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-11914 |
P 201W | CVE-2019-12264 CVE-2020-11896 CVE-2020-11898 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11906 CVE-2020-11907 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-11914 |
Aficio SP 1210N | CVE-2019-12264 CVE-2020-11896 CVE-2020-11898 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11906 CVE-2020-11907 CVE-2020-11908 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-11914 |
Aficio GX e3300N Aficio GX e7700N | CVE-2019-12264 CVE-2020-11901 CVE-2020-11903 CVE-2020-11907 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 |
Potential vulnerability summary
The affected printers have potential vulnerabilities that may cause a device stall, memory destruction, and network failure, but these won't be exploited by a springboard attack or cause leakage of confidential information. Please visit here.
This vulnerability will not affect devices connected to the customer’s network if the network is properly configured against external attacks. Ricoh recommends always using best practices for network protection, including:
- When the device is connected to a network, ensure that the network is protected, for example, by a firewall.
- Install the device in a secure network where user restrictions are in place.
Resolution
Please download the updated firmware listed below. Ricoh will release further updated firmware on the driver site as it becomes available.
Model name | New firmware version | Solved CVEs |
Aficio GX e3300sfs | Ver.1.19 *1 View here | CVE-2020-11907 |
Aficio GX e7700N | Ver.1.05 *1 View here | CVE-2020-11907 |
SP 230SFNw SP 230DNw | Ver.1.05 *2 View here | CVE-2019-12264 CVE-2020-11896 CVE-2020-11898 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11906 CVE-2020-11907 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-11914 |
M 340W M 340FW P 201W (China Model) | Ver.1.01 *2 View here Note: The above firmware update guide applies to P 201W as well. | CVE-2019-12264 CVE-2020-11896 CVE-2020-11898 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11906 CVE-2020-11907 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-11914 |
*1) updated July 31, 2020
*2) updated September 25, 2020
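As an added example (not Ricoh's code), the two tables above can be combined into a fleet check that reports which listed CVEs remain open for a device at a given firmware level. The hostnames and inventory rows are constructed, the function names are hypothetical, and firmware versions are assumed to be dotted integers.

```python
# Added example: CVE sets and firmware versions are transcribed from this
# advisory's tables; the inventory below is constructed sample data.

def cve2020(*nums):
    """Build a CVE set; every affected row in the advisory also lists CVE-2019-12264."""
    return {f"CVE-2020-{n}" for n in nums} | {"CVE-2019-12264"}

SP230 = cve2020(11896, 11898, 11900, 11901, 11902, 11903, 11906, 11907,
                11909, 11910, 11911, 11912, 11913, 11914)

# model -> (affected CVEs, fixed firmware version or None, CVEs that firmware solves)
ADVISORY = {
    "SP 230SFNw": (SP230, "1.05", SP230),
    "SP 230DNw": (SP230, "1.05", SP230),
    "Aficio GX e7700N": (cve2020(11901, 11903, 11907, 11910, 11911, 11912),
                         "1.05", {"CVE-2020-11907"}),
    # No updated firmware is listed for this model in the Resolution table.
    "Aficio SP 1210N": (SP230 | {"CVE-2020-11908"}, None, set()),
}

def parse_version(text):
    """Assumption: versions are dotted integers, so '1.05' compares as (1, 5)."""
    return tuple(int(part) for part in text.split("."))

def open_cves(model, installed):
    """Sorted CVEs still open for this model, or None if the model is not in ADVISORY."""
    if model not in ADVISORY:
        return None
    affected, fixed_in, solved = ADVISORY[model]
    if fixed_in is not None and parse_version(installed) >= parse_version(fixed_in):
        return sorted(affected - solved)
    return sorted(affected)

# Constructed inventory: (hostname, model, installed firmware version)
INVENTORY = [
    ("prn-01", "SP 230DNw", "1.03"),
    ("prn-02", "SP 230DNw", "1.05"),
    ("prn-03", "Aficio GX e7700N", "1.05"),
    ("prn-04", "Aficio SP 1210N", "1.10"),
]

def report(inventory):
    return {host: open_cves(model, fw) for host, model, fw in inventory}

if __name__ == "__main__":
    for host, remaining in report(INVENTORY).items():
        print(host, len(remaining), "open:", " ".join(remaining) or "none")
```

Devices that still report open CVEs after the update, such as the Aficio GX e7700N at Ver.1.05, continue to depend on the network protections listed above.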
The security and integrity of our customers' data and devices remain of utmost importance to Ricoh, and we will publish additional advisories for any other affected models, when applicable.
For further details on best practices for securely setting up your printer or MFP, please visit here.