SB2024061819 - Multiple vulnerabilities in Ricoh Streamline NX PC Client
Published: June 18, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 vulnerabilities.
1) Improper restriction of communication channel to intended endpoints (CVE-ID: CVE-2024-36252)
CWE-ID: CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper restriction of communication channel to intended endpoints. A remote attacker on the local network can execute arbitrary code on the system.
2) Use of hard-coded credentials (CVE-ID: CVE-2024-36480)
CWE-ID: CWE-798 - Use of Hard-coded Credentials
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to gain access to sensitive information.
The vulnerability exists due to presence of hard-coded credentials in application code. A local attacker can obtain LocalSystem Account.
3) Use of Potentially Dangerous Function (CVE-ID: CVE-2024-37124)
CWE-ID: CWE-676 - Use of Potentially Dangerous Function
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to use of potentially dangerous function. A local attacker can write arbitrary property files at any place of the filesystem.
4) Use of Potentially Dangerous Function (CVE-ID: CVE-2024-37387)
CWE-ID: CWE-676 - Use of Potentially Dangerous Function
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to use of potentially dangerous function. A local attacker can alter files in the PC where the product is installed.
Remediation
Install update from vendor's website.
References
- https://jvn.jp/en/jp/JVN00442488/index.html
- https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000077-2024-000004
- https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000077-2024-000005
- https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000077-2024-000006
- https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000077-2024-000007