Ricoh said it is aware of the security vulnerabilities known as the “Ripple20” disclosed by the JSOF on 16 June 2020.
These vulnerabilities could potentially allow a remote hacker to trigger an information leak if a specific TCP/IP stack version is used.
Ricoh said in its announcement: “We have confirmed that Ricoh A3-sized multi-function printers, production printers, digital duplicators, Interactive White Boards, projectors, and Unified Communication Systems do not use IP stack modules from Treck Inc. and Kasago of Zuken Elmic, Inc. A small number of printers and A4-sized multi-function printers are still under investigation.
“The security and integrity of our customers’ data and devices remain of utmost importance to Ricoh and will publish an advisory for the affected model. As more information becomes available, we will update this web page.”
For further details on best practices for securely setting up a printer or MFP, Ricoh has created a website here, that details instructions for users.
