CVE-2019-19363
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/01/2020
Last modified:
10/02/2023
Description
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ricoh:generic_pcl5_driver:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ricoh:pc_fax_generic_driver:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ricoh:pcl6_\(pcl_xl\)_driver:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ricoh:pcl6_driver_for_universal_print:*:*:*:*:*:*:*:* | 4.0 (including) | 4.26 (excluding) |
| cpe:2.3:a:ricoh:postscript3_driver:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ricoh:ps_driver_for_universal_print:*:*:*:*:*:*:*:* | 4.0 (including) | 4.26 (excluding) |
| cpe:2.3:a:ricoh:rpcs_driver:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ricoh:rpcs_raster_driver:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://jvn.jp/en/jp/JVN15697526/index.html
- http://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/156251/Ricoh-Driver-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2020/Jan/34
- https://www.ricoh.com/info/2020/0122_1/