Tampering Vulnerability in RICOH Streamline NX by RICOH
CVE-2025-58422

2.3LOW

Key Information:

Vendor: Ricoh Company, Ltd.
Status: Ricoh Streamline Nx
Vendor: CVE Published:; 8 September 2025

🔔 Create Ricoh Company, Ltd. Vulnerability Alert

What is CVE-2025-58422?

RICOH Streamline NX versions 3.5.1 to 24R3 are exposed to a security vulnerability that facilitates tampering with operation history. This occurs when an attacker successfully conducts a man-in-the-middle attack, allowing them to modify HTTP request values. Such alterations can compromise the integrity of the operation history within the management tool, potentially leading to unauthorized changes and loss of data reliability.

Affected Version(s)

RICOH Streamline NX versions 3.5.1 to 24R3

References

https://www.ricoh.com/products/security/vulnerabilities/v...

https://jvn.jp/en/jp/JVN75307484/

CVSS V4

Score:

2.3

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

CVSS V3.0

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 8, 2025
Vulnerability Reserved
Sep 3, 2025