CVE-2019-14306

Name: CVE-2019-14306
Creator: NVD / NIST
Published: 2020-01-10T18:15:11.583+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.5/10EPSS 1.41%

Last modified Jun 17, 2026

CVE-2019-14306 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).. EPSS estimates a 1.41% chance of exploitation in the next 30 days.

Description

Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

1.41%

69.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Ricoh	Sp C250sf Firmware	< 1.15
Ricoh	Sp C252sf Firmware	< 1.15
Ricoh	Sp C250dn Firmware	< 1.09
Ricoh	Sp C252dn Firmware	< 1.09
Ricoh	Sp 330sn Firmware	< 1.07
Ricoh	Sp 330sfn Firmware	< 1.07
Ricoh	Sp 330dn Firmware	< 1.07
Ricoh	Sp 3710sf Firmware	< 1.07
Ricoh	Sp 3710dn Firmware	< 1.07
Ricoh	Sp C260dnw Firmware	< 1.12
Ricoh	Sp C260sfnw Firmware	< 1.15
Ricoh	Sp C261dnw Firmware	< 1.13
Ricoh	Sp C261sfnw Firmware	< 1.17
Ricoh	Sp C262sfnw Firmware	< 1.17
Ricoh	Sp C262dnw Firmware	< 1.13
Ricoh	Mp 2014 Firmware	< 1.10
Ricoh	Mp 2014d Firmware	< 1.10
Ricoh	Mp 2014ad Firmware	< 1.10
Ricoh	M 2700 Firmware	< 1.06
Ricoh	M 2701 Firmware	< 1.06
Ricoh	Sp 221s Firmware	< 1.10
Ricoh	Sp 220snw Firmware	< 1.11
Ricoh	Sp 221snw Firmware	< 1.11
Ricoh	Sp 221sf Firmware	< 1.11
Ricoh	Sp 220sfnw Firmware	< 1.12
Ricoh	Sp 221sfnw Firmware	< 1.12
Ricoh	Sp 277snwx Firmware	< 1.12
Ricoh	Sp 277sfnwx Firmware	< 1.12
Ricoh	Sp 221 Firmware	< 1.02
Ricoh	Sp 220nw Firmware	< 1.04
Ricoh	Sp 221nw Firmware	< 1.04
Ricoh	Sp277nwx Firmware	< 1.04
Ricoh	Sp 212snw Firmware	< 1.07
Ricoh	Sp 212sfnw Firmware	< 1.08
Ricoh	Sp 212sfw Firmware	< 1.08
Ricoh	Sp 212sfnw \(China\) Firmware	< 1.08
Ricoh	Sp 212suw Firmware	< 1.07
Ricoh	Sp 213snw Firmware	< 1.07
Ricoh	Sp 213snw \(Taiwan\) Firmware	< 1.05
Ricoh	Sp 213suw Firmware	< 1.07
Ricoh	Sp 213sfnw Firmware	< 1.07
Ricoh	Sp 213sfw Firmware	< 1.07
Ricoh	Sp 213sfnw \(Taiwan\) Firmware	< 1.06
Ricoh	Sp 212nw Firmware	< 1.06
Ricoh	Sp 213nw Firmware	< 1.06
Ricoh	Sp 213nw \(Taiwan\) Firmware	< 1.04
Ricoh	Sp 212w Firmware	< 1.06
Ricoh	Sp 213w Firmware	< 1.06

References

http://jvn.jp/en/jp/JVN52962201/index.htmlThird Party Advisory, VDB Entry
https://www.ricoh.com/info/2019/0823_1/Vendor Advisory
http://jvn.jp/en/jp/JVN52962201/index.htmlThird Party Advisory, VDB Entry
https://www.ricoh.com/info/2019/0823_1/Vendor Advisory

Timeline

Published: Jan 10, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-14306?

Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).

How severe is CVE-2019-14306?

CVE-2019-14306 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.41% probability of exploitation in the next 30 days.

How do I fix CVE-2019-14306?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-14306?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST