Update: Notice on potential impact of Apache Log4j vulnerability towards Ricoh products and services
Last updated: January 25, 2021
First published: December 15, 2021
Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for its customers worldwide.
Ricoh is aware of the reported Apache Log4j remote code execution vulnerability (CVE-2021-44228). Apache Log4j is an open-source logging JAVA-based library offered by Apache Software Foundation. Ricoh is currently investigating if any Ricoh products and services may be potentially impacted by this vulnerability.
Servers operating with Apache Log4j are potentially threatened, allowing a third party to remotely access the server and execute remote code by sending modified data to exploit this vulnerability.
Ricoh confirmed the following products and services that it develops, manufactures, and offers are not impacted by this vulnerability. Ricoh products and services not listed are under ongoing investigation.
|Office Products||Multifunction Printers/Copiers||Black & White MFP|
|Wide Format MFP|
|Printers||Black & White Laser printers|
|Color Laser Printers|
|Printer based MFP|
|Remote Communication Gates||Remote Communication Gate A2|
|Remote Communication Gate A|
|Remote Communication Gate Type N/L/BN1/BM1|
|Software & Solutions||@Remote Connector NX|
|Card Authentication Package Series|
|Device Manager NX Accounting|
|Device Manager NX Enterprise|
|Device Manager NX Lite|
|Device Manager NX Pro|
|Enhanced Locked Print Series|
|ESA TransFormer Server v4.x|
|EZ Charger Suite Serverless|
|EZ Charger Suite Server|
|Printer Driver Packager NX|
|RICOH Smart Integration (RSI) Platform and its applications|
|RICOH Print Management Cloud|
|RICOH Streamline NX V2|
|RICOH Streamline NX V3|
|Commercial & Industrial Printing|
|Wide Format Printers|
|Software & Apps|
|RICOH InfoPrint® Font Collection|
|RICOH InfoPrint® PPFA|
|RICOH InfoPrint® WorkFlow|
|RICOH Web Enablement Solutions Suite|
About Ricoh products and services that have been confirmed to be affected by this vulnerability.
The following products have been confirmed to be affected by this vulnerability.
|Continuous feed printers||RICOH ProVC40000||Fixed release can be provided for these products. Please contact your sales representative.|
|Software & Apps||RICOH InfoPrint Manager|
|RICOH TotalFlow BatchBuilder|
|RICOH TotalFlow Prep|
|RICOH TotalFlow Production Manager|
For products and solutions from vendors other than Ricoh, we recommend customers to confirm latest information directly with relevant vendors.
Ricoh is committed to supporting customers across the globe, enabling them to operate Ricoh products equipped with the latest security settings. Additional updates on impacted Ricoh products and services and related countermeasures will be provided promptly on this page as they become available.