Insufficient verification of data authenticity in Ricoh Printer Driver Packager NX
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-30759 |
| CWE-ID | CWE-345 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Printer Driver Packager NX Hardware solutions / Drivers |
| Vendor | RICOH COMPANY, LTD. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Insufficient verification of data authenticity
EUVDB-ID: #VU77474
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-30759
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to the driver installation package fails to detect its modification and may spawn an unexpected process with the administrative privilege. A local user can execute arbitrary program with the administrative privilege.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPrinter Driver Packager NX: - - 1.1.25
CPE2.3- cpe:2.3:h:ricoh_company:printer_driver_packager_nx:*:*:*:*:*:*:*:*
- cpe:2.3:h:ricoh_company:printer_driver_packager_nx:1.0.02:*:*:*:*:*:*:*
- cpe:2.3:h:ricoh_company:printer_driver_packager_nx:1.1.25:*:*:*:*:*:*:*
https://jvn.jp/en/vu/JVNVU92207133/index.html
https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000048-2023-000001
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
