EUVD-2025-18257

CVE-2025-46783 | CRITICAL | CVSS 3.0: 9.8 | 2025-06-13

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Mar 14, 2026 - 21:34 (euvd), EUVD-2025-18257
Analysis Generated: Mar 14, 2026 - 21:34 (vuln.today)
CVE Published: Jun 13, 2025 - 09:15 (nvd), CRITICAL 9.8

Description

Path traversal vulnerability exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If this vulnerability is exploited, arbitrary code may be executed on the PC where the product is running by tampering with specific files used on the product.

Analysis

A critical path traversal vulnerability in RICOH Streamline NX V3 PC Client (versions 3.5.0-3.242.0) allows unauthenticated remote attackers to execute arbitrary code on affected systems by tampering with specific files used by the product. With a CVSS score of 9.8 and a network-based attack vector requiring no user interaction, this vulnerability poses an immediate risk to organizations deploying vulnerable versions of the RICOH client software. KEV and EPSS status, PoC availability, and active exploitation data are not yet available in public disclosures, but the severity profile (CVSS 9.8, CVSS:3.0/AV:N/AC:L/PR:N/UI:N) suggests high exploitability.

Technical Context

The vulnerability is rooted in CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, 'Path Traversal'), a class of flaws where software fails to validate or sanitize file path inputs, allowing attackers to access files outside intended directories. In the RICOH Streamline NX V3 PC Client, the path traversal flaw exists in the handling of specific files used during product operation. The affected product (CPE: vendor=ricoh, product=streamline_nx_v3_pc_client) runs as a local desktop application but is reachable over the network (AV:N), suggesting either remote API endpoints, file-sharing mechanisms, or network-accessible configuration channels. The vulnerability allows an attacker to traverse the directory structure, modify arbitrary files, and achieve code execution, likely through overwriting executable files, libraries, or configuration files that are subsequently loaded and executed with the privileges of the application or user.

Affected Products

Product: RICOH Streamline NX V3 PC Client
Affected Versions: 3.5.0, 3.6.0, ..., 3.242.0 (inclusive range)
CPE: cpe:/a:ricoh:streamline_nx_v3_pc_client:* (with version constraints 3.5.0–3.242.0)
Platform: Windows PC (typical for '.exe' or 'PC Client' designation, though unconfirmed without vendor advisory)

Vendor advisory and patch information are not yet available in public disclosures; organizations should contact RICOH support or monitor RICOH's official security advisory channels (https://www.ricoh.com or security notification services) for patch releases and workaround guidance.

Remediation

Immediate Actions:

(1) Identify and inventory all systems running RICOH Streamline NX V3 PC Client versions 3.5.0–3.242.0 within your organization.
(2) Contact RICOH support and check RICOH's official security advisory pages for patch availability and release timelines; patches are likely to be released as version 3.243.0 or later.
(3) Until patches are available, implement network-level mitigations:
    (a) restrict network access to RICOH client processes using host-based firewalls or network segmentation,
    (b) disable remote access features if available,
    (c) apply principle of least privilege to the user accounts running the RICOH client.
(4) Monitor RICOH's official sources (security bulletins, product update pages) for patched versions.
(5) Once patches are released, prioritize deployment in a staged manner to verify compatibility before organization-wide rollout.

Workarounds: If patching is delayed, consider temporary isolation of affected systems from untrusted networks or suspension of the RICOH client until patches are available.
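For the inventory step (1), the following added example (not from RICOH or from this page's source) triages a software inventory export against the stated 3.5.0–3.242.0 range using numeric comparison, since plain string comparison would misorder versions such as 3.10.2 against 3.5.0. The CSV columns, the product display name and the sample rows are assumptions constructed for illustration.

```python
import csv
import io

# Affected range as stated in the advisory text (inclusive on both ends).
AFFECTED_MIN = (3, 5, 0)
AFFECTED_MAX = (3, 242, 0)
# Assumed display name of the product in the inventory export.
PRODUCT = "ricoh streamline nx v3 pc client"

# Constructed sample export (hostname,product,version); not real data.
SAMPLE_INVENTORY = """hostname,product,version
ws-001,RICOH Streamline NX V3 PC Client,3.4.9
ws-002,RICOH Streamline NX V3 PC Client,3.5.0
ws-003,RICOH Streamline NX V3 PC Client,3.10.2
ws-004,RICOH Streamline NX V3 PC Client,3.242.0
ws-005,RICOH Streamline NX V3 PC Client,3.243.0
ws-006,RICOH Streamline NX V3 PC Client,unknown
ws-007,Some Other Print Client,3.100.0
"""

def parse_version(text):
    """Return a 3-tuple of ints, or None if the string is not dotted-numeric."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3:
        return None
    if not all(p.isascii() and p.isdigit() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))

def triage(inventory_csv):
    """Split matching hosts into affected / not_affected / review buckets."""
    result = {"affected": [], "not_affected": [], "review": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["product"].strip().lower() != PRODUCT:
            continue  # different product, out of scope for this advisory
        version = parse_version(row["version"])
        if version is None:
            result["review"].append(row["hostname"])  # unparseable: check by hand
        elif AFFECTED_MIN <= version <= AFFECTED_MAX:
            result["affected"].append(row["hostname"])
        else:
            result["not_affected"].append(row["hostname"])
    return result

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts in the review bucket have a version string that could not be parsed and should be checked manually rather than assumed safe.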

Priority Score

49
KEV: 0
EPSS: +0.1
CVSS: +49
POC: 0
