CVE-2019-19363 Information

Feb 14, 2021 cve

Description

An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://jvn.jp/en/jp/JVN15697526/index.html http://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.html http://packetstormsecurity.com/files/156251/Ricoh-Driver-Privilege-Escalation.html http://seclists.org/fulldisclosure/2020/Jan/34 https://www.ricoh.com/info/2020/0122_1/

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8

Share on: