CVE-2019-19363 – Ricoh Printer Drivers - Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2019-19363

An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version Se detectó un problema en los controladores de impresora de Windows de Ricoh (incluidos Savin y Lanier) antes del 2020, que permite a atacantes una escalada de privilegios locales. Los controladores y versiones afectados son: PCL6 Driver para Universal Print- Versión 4.0 o posterior, PS Driver para Universal Print - Versión 4.0 o posterior, PC FAX Generic Driver - Todas las versiones, Generic PCL5 Driver - Todas las versiones, RPCS Driver - Todas las versiones, PostScript3 Driver - Todas las versiones, PCL6 (PCL XL) Driver - todas las versiones, RPCS Raster Driver - todas las versiones. Ricoh printer drivers for Windows suffer from a local privilege escalation vulnerability due to insecure file permissions. Many versions are affected. • https://www.exploit-db.com/exploits/47962 https://www.exploit-db.com/exploits/48036 http://jvn.jp/en/jp/JVN15697526/index.html http://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.html http://packetstormsecurity.com/files/156251/Ricoh-Driver-Privilege-Escalation.html http://seclists.org/fulldisclosure/2020/Jan/34 https://www.ricoh.com/info/2020/0122_1 • CWE-732: Incorrect Permission Assignment for Critical Resource •