RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0... · CVE-2025-48825 · GitHub Advisory Database · GitHub

RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0...

Low severity Unreviewed Published Jun 13, 2025 to the GitHub Advisory Database • Updated Jun 13, 2025

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 contains an issue with use of less trusted source, which may allow an attacker who can conduct a man-in-the-middle attack to eavesdrop upgrade requests and execute a malicious DLL with custom code.

References

Published by the National Vulnerability Database

Jun 13, 2025

Published to the GitHub Advisory Database Jun 13, 2025

Last updated Jun 13, 2025

Severity

Low

/ 10

CVSS v4 base metrics

Exploitability Metrics

Attack Vector Local

Attack Complexity Low

Attack Requirements Present

Privileges Required Low

User interaction None

Vulnerable System Impact Metrics

Confidentiality None

Integrity Low

Availability None

Subsequent System Impact Metrics

Confidentiality None

Integrity None

Availability None

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X