CVE-2021-33945

CRITICAL | CVSS 9.8/10 | EPSS 1.82%

CVE-2021-33945 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. EPSS estimates a 1.82% chance of exploitation in the next 30 days.

Description

RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
1.82%

76.0th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor | Product | Versions
Ricoh | Sp 320dn Firmware | 1.06
Ricoh | Sp 325dnw Firmware | 1.06
Ricoh | Sp 320sn Firmware | 1.06
Ricoh | Sp 320sfn Firmware | 1.06
Ricoh | Sp 325snw Firmware | 1.06
Ricoh | Sp 325sfnw Firmware | 1.06
Ricoh | Sp 330sn Firmware | 1.06
Ricoh | Aficio Sp 3500sf Firmware | 1.06
Ricoh | Sp 221s Firmware | 1.06
Ricoh | Sp 220snw Firmware | 1.06
Ricoh | Sp 221snw Firmware | 1.06
Ricoh | Sp 221sf Firmware | 1.06
Ricoh | Sp 220sfnw Firmware | 1.06
Ricoh | Sp 221sfnw Firmware | 1.06
Ricoh | M C2000 Firmware | All versions
Ricoh | M C250fwb Firmware | All versions
Ricoh | M C250fw Firmware | All versions
Ricoh | Sp C260sfnw Firmware | All versions
Ricoh | Sp C262sfnw Firmware | All versions
Ricoh | Sp C261sfnw Firmware | All versions
Ricoh | Sp C250sf Firmware | All versions
Ricoh | Sp C252sf Firmware | All versions
Ricoh | P C300w Firmware | All versions
Ricoh | P C301w Firmware | All versions
Ricoh | Sp C260dnw Firmware | All versions
Ricoh | Sp C262dnw Firmware | All versions
Ricoh | Sp C261dnw Firmware | All versions
Ricoh | Sp C250dn Firmware | All versions
Ricoh | Sp C252dn Firmware | All versions
Ricoh | M 320 Firmware | All versions
Ricoh | M 320fb Firmware | All versions
Ricoh | M 320f Firmware | All versions
Ricoh | M 2700 Firmware | All versions
Ricoh | M 2701 Firmware | All versions
Ricoh | Sp 330sn Firmware | All versions
Ricoh | Sp 330sfn Firmware | All versions
Ricoh | Sp 3710sf Firmware | All versions
Ricoh | Sp 220snw Firmware | All versions
Ricoh | Sp 221snw Firmware | All versions
Ricoh | Sp 220sfnw Firmware | All versions
Ricoh | Sp 221sfnw Firmware | All versions
Ricoh | Sp 277snwx Firmware | All versions
Ricoh | Sp 277sfnwx Firmware | All versions
Ricoh | Sp 325snw Firmware | All versions
Ricoh | Sp 325sfnw Firmware | All versions
Ricoh | Sp 377snwx Firmware | All versions
Ricoh | Sp 377sfnwx Firmware | All versions
Ricoh | Sp 212sfnw Firmware | All versions
Ricoh | Sp 212sfw Firmware | All versions
Ricoh | Sp 212snw Firmware | All versions

Showing 50 of 74 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-33945?
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
How severe is CVE-2021-33945?
CVE-2021-33945 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 1.82% probability of exploitation in the next 30 days.
How do I fix CVE-2021-33945?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST