CVE-2019-19363
CVE-2019-19363
Vexday Risk Score
38Atención
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS —EPSS 4.6%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Ciclo de vida
22 ene 2020Exploit Metasploit disponible
22 ene 2020PoC pública
24 ene 2020Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version
Productos afectados
n/a · n/aPoCs públicas encontradas — 4
cve_referencepacketstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.htmlno verificadocve_referencepacketstormsecurity.com/files/156251/Ricoh-Driver-Privilege-Escalation.htmlno verificadoexploitdbwww.exploit-db.com/exploits/48036no verificadoexploitdbwww.exploit-db.com/exploits/47962no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
Referencias
http://jvn.jp/en/jp/JVN15697526/index.htmlhttp://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/156251/Ricoh-Driver-Privilege-Escalation.htmlhttp://seclists.org/fulldisclosure/2020/Jan/34https://www.ricoh.com/info/2020/0122_1/