CVE-2019-19363
CVE-2019-19363
Vexday Risk Score
38Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 4.6%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Lifecycle
22 Jan 2020Metasploit module available
22 Jan 2020Public PoC
24 Jan 2020Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version
Affected products
n/a · n/apublic PoCs found — 4
cve_referencepacketstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.htmlunverifiedcve_referencepacketstormsecurity.com/files/156251/Ricoh-Driver-Privilege-Escalation.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48036unverifiedexploitdbwww.exploit-db.com/exploits/47962unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://jvn.jp/en/jp/JVN15697526/index.htmlhttp://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/156251/Ricoh-Driver-Privilege-Escalation.htmlhttp://seclists.org/fulldisclosure/2020/Jan/34https://www.ricoh.com/info/2020/0122_1/