Details of VAR-202502-2688

ID

VAR-202502-2688

TITLE

Ricoh (China) Investment Co., Ltd. Aficio SP 3500SF has an unauthorized access vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-03100

DESCRIPTION

Aficio SP 3500SF is a multi-function commercial all-in-one printer with printing, copying, scanning and faxing functions. Ricoh (China) Investment Co., Ltd. Aficio SP 3500SF has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2025-03100

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-03100

AFFECTED PRODUCTS

vendor:

ricoh investment

model:

aficio sp 3500sf

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2025-03100

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2025-03100
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-03100
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2025-03100

EXTERNAL IDS

db:

CNVD

id:

CNVD-2025-03100

Trust: 0.6

sources: CNVD: CNVD-2025-03100

SOURCES

db:

CNVD

id:

CNVD-2025-03100

LAST UPDATE DATE

2025-03-02T23:31:27.517000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2025-03100

date:

2025-02-19T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2025-03100

date:

2025-02-07T00:00:00