Primary

Context

SIOS Technology Quick Agent V2 and V3 Path Traversal Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A path traversal vulnerability has been identified in Quick Agent V2 and V3, prior to the latest versions. This vulnerability allows remote, unauthenticated attackers to execute arbitrary code with Windows system privileges on the affected machine. Quick Agent is a Windows application used for scanning solutions on certain Ricoh multifunction printers.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected system with Windows system privileges.

Remediation

Users are advised to update Quick Agent to the latest version. Quick Agent V3 users should update to version 3.2.1 or later, and Quick Agent V2 users should update to version 2.9.8 or later. The latest versions can be downloaded from the SIOS MFP Support Site.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SIOS Technology Quick Agent V2 and V3 Path Traversal Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating