CVE-2019-14310
Description
Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified in the way of how the embedded device parsed the IPP packets
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unauthenticated crafted IPP packets cause memory corruption and crash in Ricoh SP C250DN 1.05 devices, leading to denial of service.
Vulnerability
The vulnerability exists in the IPP service of Ricoh SP C250DN devices running firmware version 1.05. The embedded device does not properly parse crafted IPP packets, leading to memory corruption. No authentication is required to trigger the issue, and the attack vector is network-based via the IPP protocol.
Exploitation
An unauthenticated attacker can send specially crafted packets to the IPP service on the target device. The attacker only needs network access to the device; no user interaction or prior authentication is required. The memory corruption occurs during parsing of the malicious IPP packet, causing the device to crash.
Impact
Successful exploitation results in a denial of service (DoS) condition. The device crashes and becomes unavailable, disrupting printing and other services. There is no indication of information disclosure or remote code execution based on the available information [1].
Mitigation
The official vendor support page [1] does not provide a specific security update or workaround for this issue. Ricoh has not released a patched firmware version as of the publication date. Users should monitor Ricoh's support site for future updates and consider network-level filtering of IPP traffic as a temporary mitigation.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Ricoh/SP C250DNdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-ricoh-printers/mitrex_refsource_MISC
- www.ricoh-usa.com/en/support-and-downloadmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.