Vulnerability Description
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a non-administrative user modifies the driver installation package and runs it on the target PC, an arbitrary program may be executed with the administrative privilege.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ricoh | Printer Driver Packager Nx | >= 1.0.02, < 1.1.26 |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/vu/JVNVU92207133/Third Party Advisory
- https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000048-Vendor Advisory
- https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2023-000001Vendor Advisory
- https://jvn.jp/en/vu/JVNVU92207133/Third Party Advisory
- https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000048-Vendor Advisory
- https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2023-000001Vendor Advisory
FAQ
What is CVE-2023-30759?
CVE-2023-30759 is a vulnerability with a CVSS score of 7.8 (HIGH). The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a no...
How severe is CVE-2023-30759?
CVE-2023-30759 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-30759?
Check the references section above for vendor advisories and patch information. Affected products include: Ricoh Printer Driver Packager Nx.