Vulnerabilities identified in office printers could expose firms to data theft and sabotage.
Ricoh has warned of multiple cybersecurity vulnerabilities affecting a range of its multi-function printers (MFPs) and standalone models. Two separate disclosures from the company detail risks ranging from cross-site scripting attacks to stack overflow vulnerabilities that could allow attackers to access confidential data or remotely control devices.
Ricoh's two advisories give more detail: one on the PostScript-related vulnerabilities (https://www.ricoh-europe.com/news-events/news/specific-ricoh-mfp-and-printer-products-vulnerabilities-in-the-postscript/) and one on multiple MFP and printer vulnerabilities (https://www.ricoh-europe.com/news-events/news/specific-ricoh-mfp-and-printer-multiple-vulnerabilities/).
The flaws impact both firmware and administrative tools such as BRAdmin Light, according to Ricoh’s European division. Affected models include the IM, SP, and P series commonly deployed in corporate environments. One issue, involving the PostScript interpreter on some devices, enables reflected XSS attacks via the Web Image Monitor interface.
While no active exploits have been reported, Ricoh advises immediate updates and recommends isolating printers from public networks. Security researchers from HackDefense, Precicom Technologies and Sprocket Security were credited for identifying the flaws.
Ricoh has published firmware updates and mitigation steps online, urging organisations to audit their printer fleets to prevent possible intrusions.