← back
CVE-2023-30759

CVE-2023-30759

CVSS 8.4 HIGHEPSS 0.1%CWE-352
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.4EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
19 Jun 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a non-administrative user modifies the driver installation package and runs it on the target PC, an arbitrary program may be executed with the administrative privilege.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Ricoh Company, Ltd. · Printer Driver Packager NX

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/vu/JVNVU92207133/https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000048-2023-000001https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2023-000001