更新:Apache Log4j漏洞對理光產品和服務的潛在影響通知 (只提供英文版)
Last updated: December 17, 2021
First published: December 15, 2021
Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for its customers worldwide.
Ricoh is aware of the reported Apache Log4j remote code execution vulnerability (CVE-2021-44228). Apache Log4j is an open-source logging JAVA-based library offered by Apache Software Foundation. Ricoh is currently investigating if any Ricoh products and services may be potentially impacted by this vulnerability. Servers operating with Apache Log4j are potentially threatened, allowing a third party to remotely access the server and execute remote code by sending modified data to exploit this vulnerability.
Ricoh confirmed the following products and services that it develops, manufactures, and offers are not impacted by this vulnerability. Ricoh products and services not listed are under ongoing investigation.
| Office Products | Multifunction Printers/Copiers | Black & White MFP |
| Color MFP | ||
| Wide Format MFP | ||
| Printers | Black & White Laser printers | |
| Color Laser Printers | ||
| GelJet Printers | ||
| Handy Printers | ||
| Printer based MFP | ||
| FAX | ||
| Digital Duplicators | ||
| Projectors | ||
| Video Conferencing | ||
| Interactive Whiteboards | ||
| Remote Communication Gates | Remote Communication Gate A2 | |
| Remote Communication Gate A | ||
| Remote Communication Gate Type N/L/BN1/BM1 | ||
| Software & Solutions | @Remote Connector NX | |
| Card Authentication Package Series | ||
| Device Manager NX Accounting | ||
| Device Manager NX Enterprise | ||
| Device Manager NX Lite | ||
| Device Manager NX Pro | ||
| DocuWare | ||
| Enhanced Locked Print Series | ||
| ESA TransFormer Server v4.x | ||
| EZ Charger Suite Serverless | ||
| EZ Charger Suite Server | ||
| GlobalScan NX | ||
| Printer Driver Packager NX | ||
| RICOH Smart Integration (RSI) Platform and its applications | ||
| RICOH Print Management Cloud | ||
| RICOH Streamline NX V2 | ||
| RICOH Streamline NX V3 | ||
| Commercial & Industrial Printing | ||
| Garment Printers |
||
Production Printers were listed as not being impacted as of December 16, however, investigation is ongoing. Updates will be provided as they are available.
Ricoh is committed to supporting customers across the globe, enabling them to operate Ricoh products equipped with the latest security settings. Additional updates on impacted Ricoh products and services and related countermeasures will be provided promptly on this page as they become available.