RICOH SP C250 Series Use of Hard-coded Credentials (CVE-2019-14309)

high Tenable OT Security Plugin ID 501969

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware.
This would allow to an attacker to access and read information stored on the shared FTP folders.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.nessus.org/u?e793f04b

https://www.ricoh-usa.com/en/support-and-download

Plugin Details

Severity: High

ID: 501969

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 2/13/2024

Updated: 2/14/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2019-14309

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:ricoh:sp_c250sf_firmware, cpe:/o:ricoh:sp_c250dn_firmware:1.05, cpe:/o:ricoh:sp_c252sf_firmware, cpe:/o:ricoh:sp_c252dn_firmware

Required KB Items: Tenable.ot/RICOH

Exploit Ease: No known exploits are available

Patch Publication Date: 3/13/2020

Vulnerability Publication Date: 3/13/2020

Reference Information

CVE: CVE-2019-14309

CWE: 798