Notice on potential impact of "Apache ActiveMQ remote code execution vulnerability" (CVE-2023-46604) towards Ricoh products and services
Last updated: 05:00 pm on December 25, 2023 (2023-12-25T15:00:00+09:00)
First published: 03:00 pm on November 21, 2023 (2023-11-21T13:00:00+09:00)
Ricoh Company, Ltd.
Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for its customers worldwide.
Ricoh is aware of the reported "Apache ActiveMQ remote code execution vulnerability" (CVE-2023-46604) affecting certain products and services that Ricoh develops, manufactures, and offers.
List 1 below shows the affected products and services. Ricoh offers preventative measures detailed in the hyperlinked pages in the list.
The latest firmware has been released to resolve this vulnerability issue.
Please check the list below and apply the firmware.
| Vulnerability Information ID | ricoh-2023-000005 |
| Version | 1.01E |
| CVE ID(CWE ID) | CVE-2023-46604 ( CWE-502 ) |
| CVSSv3 score | 9.8 CRITICAL |
List 1: Ricoh products and services affected by this vulnerability
| Product/service | Link to details |
| RICOH Interactive Whiteboard D5500 | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000088-2023-000005 |
| RICOH Interactive Whiteboard D5510 | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000089-2023-000005 |
| RICOH Interactive Whiteboard D2200 | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000090-2023-000005 |
| RICOH Interactive Whiteboard Controller Type 1 | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000091-2023-000005 |
| RICOH Interactive Whiteboard Controller Type 2 | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000092-2023-000005 |
| RICOH Interactive Whiteboard Controller Type 3 | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000093-2023-000005 |
| RICOH Interactive Whiteboard LT | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000094-2023-000005 |
| RICOH Interactive Whiteboard LT for Open Controller | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000095-2023-000005 |
Contact
Please contact your local Ricoh representative or dealer if you have any queries.
History:
2023-12-25T15:00:00+09:00 : 1.01E Released permanent measures.
2023-11-21T13:00:00+09:00 : 1.00E Initial public release
News
Keep up to date
- 17Feb
Ricoh selected as a member of the Sustainability Yearbook 2025 by S&P Global
- 14Feb
Ricoh recognized with double ‘A’ score for climate action and water security leadership in CDP A List for two consecutive years
- 13Feb
Ricoh Releases "The Business Guide to Print Technologies" – A Data-Driven Analysis of Print's Role in the Modern Workplace
- 10Feb
Ricoh recognized by Gartner® in its first 2024 Magic Quadrant™ for Document Management