The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a non-administrative user modifies the driver installation package and runs it on the target PC, an arbitrary program may be executed with the administrative privilege.
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU92207133/ | Third Party Advisory |
https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000048-2023-000001 | Vendor Advisory |
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2023-000001 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2023-06-19T00:00:00
Updated: 2023-06-19T00:00:00
Reserved: 2023-05-11T00:00:00
Link: CVE-2023-30759
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-19T05:15:09.290
Modified: 2023-06-27T18:36:55.627
Link: CVE-2023-30759
JSON object: View
Redhat Information
No data.
CWE