Vulnerability Submission Form

This webpage is the contact point where we accept reports concerning security problems discovered in the products, services and solutions (hereafter simply referred to as products) provided by the Ricoh Group. Our company's specialized security teams take action based on the content of these reports.

If you are a current Ricoh customer with questions or concerns about security and Ricoh products, please contact your regional Support Center or your local sales or service representative.

Note: This page is only intended to report security vulnerabilities on Ricoh products. To report security concerns about Ricoh websites, please visit the "Other Inquires" page.

To facilitate the smooth confirmation of the problem you report, when you contact us, please include the information below whenever possible.

What we would like you to include:

• Name of the product
• The relevant version information
• The type of the security problem, preferably using the Common Weakness Enumeration (CWE)
• The possible cause
• Evidence concerning the security problem (procedure to reproduce the problem, tools needed for that procedure, PoC code, etc.)
• Scope of the impact (other products, components, vendors, etc.) of the security problem reported
• Your intentions concerning public disclosure of the security problem reported

In cases where your report needs an attachment file (PoC, evidence, etc.), we will contact you by email to ask about it, so please attach the file when you respond at that time.
Only English and Japanese are supported.

After entering the necessary information in the form below, please push the "Confirm" button. Once we receive your message, we will immediately send you a confirmation email describing your inquiry.
In case your report is related to a yet undiscovered vulnerability in our products or services, we will report the response status and progress, until vulnerability countermeasure information is disclosed.

If you specify domains in your email anti-spam measures, please make an entry to accept emails from the "jp.ricoh.com" domain.

If you do not receive the confirmation email from us, it is possible that the email address which you entered was incorrect. Please check the email address entered and then resend the submission.
Please refer to Product Security for details on our policy about handling vulnerabilities.


The personal information collected via this form will only be used for the procedures necessary to reply to and handle the submission.
The subject personal information will be managed using appropriate safety measures, and it will not be disclosed or provided to third parties without the advance permission of the customer.
The content of the submission will be used jointly by the related Ricoh Group departments in order to improve quality.

For information on our handling of personal information, please see: Handling of Personal Information.

Person responsible for managing the personal information gathered via this form:
Product Security Control and Promotion division
Ricoh Co., Ltd.

ricoh_sirt@jp.ricoh.com

[Required] Are you a vulnerability researcher?
Company

Department

[Required] Country/Area
[Required] First Name

[Required] Last Name

[Required] email

ex. xxx@example.co.jp

Please re-type your email.

[Required] Product category
[Required] Product name

[Required] Content of the submission concerning the potential vulnerability