JVNDB-2025-000039

[Japanese]
JVNDB-2025-000039
Multiple vulnerabilities in RICOH Streamline NX PC Client
Overview
RICOH Streamline NX PC Client provided by Ricoh Company, Ltd. contains multiple vulnerabilities listed below. External control of file name or path (CWE-73) - CVE-2025-36506 Path traversal (CWE-22) - CVE-2025-46783 Use of less trusted source (CWE-348) - CVE-2025-48825 Ricoh Company, Ltd. reported these vulnerabilities to IPA to notify users of its solution through JVN. JPCERT/CC and Ricoh Company, Ltd. coordinated under the Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)
CVSS V3 Severity: Base Metrics 6.5 (Medium) [IPA Score] Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality Impact: None Integrity Impact: Low Availability Impact: Low The above CVSS base scores have been assigned for CVE-2025-36506
CVSS V3 Severity: Base Metrics 9.8 (Critical) [IPA Score] Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality Impact: High Integrity Impact: High Availability Impact: High The above CVSS base scores have been assigned for CVE-2025-46783
CVSS V3 Severity: Base Metrics 2.5 (Low) [IPA Score] Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality Impact: None Integrity Impact: Low Availability Impact: None The above CVSS base scores have been assigned for CVE-2025-48825
Affected Products

Ricoh Co., Ltd RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0 (CVE-2025-36506, CVE-2025-46783) RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 (CVE-2025-48825)

Impact
If an attacker sends a specially crafted request, arbitrary files in the file system can be overwritten with log data (CVE-2025-36506) Arbitrary code may be executed on the PC where the product is running by tampering with specific files used on the product (CVE-2025-46783) An attacker who can conduct a man-in-the-middle attack may eavesdrop upgrade requests and execute a malicious DLL with custom code (CVE-2025-48825)
Solution
[Update the Software] Update the software to the latest version by using the appropriate installer for the fixed version according to the information provided by the developer. For more information, refer to the information provided by the developer.
Vendor Information
Ricoh Co., Ltd Ricoh Co., Ltd : ricoh-2025-000004 \| Notice on potential impact of "Vulnerability Leading to Arbitrary File Overwrite via Save Log File" toward SLNX PC Client Ricoh Co., Ltd : ricoh-2025-000005 \| Notice on potential impact of "Arbitrary File Delete (Path Traversal) Vulnerability Leading to Code Execution" towards RICOH Streamline NX V3 PC Client Ricoh Co., Ltd : ricoh-2025-000006 \| Notice on potential impact of "Vulnerability Leading to Possible Code Execution via Remotely Upgrading" towards SLNX PC Client Application
CWE (What is CWE?)
Path Traversal(CWE-22) [IPA Evaluation] No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)
CVE-2025-36506 CVE-2025-46783 CVE-2025-48825
References
JVN : JVN#27937557
Revision History
[2025/06/13] Web page was published


Date Public	2025/06/13
Date First Published	2025/06/13
Date Last Updated	2025/06/13

Multiple vulnerabilities in RICOH Streamline NX PC Client