Privilege Escalation Vulnerability in Printer Driver Packager NX by Ricoh
CVE-2023-30759

7.8HIGH

Key Information:

Vendor: Ricoh Company, Ltd.
Status: Printer Driver Packager Nx
Vendor: CVE Published:; 19 June 2023

🔔 Create Ricoh Company, Ltd. Vulnerability Alert

What is CVE-2023-30759?

The Printer Driver Packager NX versions 1.0.02 to 1.1.25 from Ricoh contains a vulnerability where it fails to verify modifications made to the driver installation package. This flaw permits a non-administrative user to alter the package and subsequently execute it on a target machine, which may lead to the execution of an arbitrary program with administrative privileges. Such a capability can facilitate unauthorized access and cause significant security risks when exploited.

Affected Version(s)

Printer Driver Packager NX v1.0.02 to v1.1.25

References

https://www.ricoh.com/products/security/vulnerabilities/a...

https://www.ricoh.com/products/security/vulnerabilities/v...

https://jvn.jp/en/vu/JVNVU92207133/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2023
Vulnerability Reserved
May 11, 2023