CVE-2019-14301
Description
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Ricoh SP C250DN 1.06 devices have an improper access control vulnerability allowing information disclosure via the debugging web page.
Vulnerability
The Ricoh SP C250DN printer running firmware version 1.06 and possibly other versions contains an improper access control vulnerability (CWE-284) that allows unauthorized access to a debugging web page. This issue is one of two access control flaws identified in the device [1].
Exploitation
An attacker with network access to the device (adjacent network) can exploit the vulnerability by simply accessing the debugging web page without any authentication or user interaction. The CVSS v3 score is 6.5 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating low attack complexity and no required privileges [1].
Impact
Successful exploitation leads to information disclosure, allowing the attacker to obtain sensitive information from the device. The impact is limited to confidentiality; there is no integrity or availability impact [1].
Mitigation
Ricoh has released firmware updates to address this vulnerability. Users should apply the appropriate firmware update according to the information provided by the vendor [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Ricoh/SP C250DNdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- jvn.jp/en/jp/JVN52962201/index.htmlmitrethird-party-advisoryx_refsource_JVN
- www.ricoh.com/info/2019/0823_1/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.