Man-in-the-Middle Attack Vulnerability in RICOH Streamline NX V3 PC Client
CVE-2025-48825

2LOW

Key Information:

Vendor: Ricoh Company, Ltd.
Status: Ricoh Streamline Nx V3 Pc Client
Vendor: CVE Published:; 13 June 2025

🔔 Create Ricoh Company, Ltd. Vulnerability Alert

What is CVE-2025-48825?

The RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 has a vulnerability that arises from using a less trusted source. This weakness potentially allows attackers to perform man-in-the-middle attacks, enabling them to intercept upgrade requests. By manipulating these requests, attackers may execute a malicious DLL containing custom code, which poses a significant risk to the integrity and security of the software and its users.

Affected Version(s)

RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0

References

https://www.ricoh.com/products/security/vulnerabilities/v...

https://jvn.jp/en/jp/JVN27937557/

CVSS V4

Score:

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

2.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 13, 2025
Vulnerability Reserved
Jun 12, 2025