CVE-2025-48825 LOW

CVE-2025-48825

Vendor Ricoh Company, Ltd.
Product RICOH Streamline NX V3 PC Client
Weakness CWE-348
Published June 13, 2025
Last update June 23, 2025

CVSS base score

2.5/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 contains an issue with use of less trusted source, which may allow an attacker who can conduct a man-in-the-middle attack to eavesdrop upgrade requests and execute a malicious DLL with custom code.

Key dates

02Disclosure timeline

June 13, 2025 CVE published
June 23, 2025 Record updated