1 results (0.005 seconds)

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a non-administrative user modifies the driver installation package and runs it on the target PC, an arbitrary program may be executed with the administrative privilege. • https://jvn.jp/en/vu/JVNVU92207133 https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000048-2023-000001 https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2023-000001 • CWE-345: Insufficient Verification of Data Authenticity CWE-352: Cross-Site Request Forgery (CSRF) •