Privilege escalation vulnerability in multiple RICOH printer drivers


Multiple RICOH printer drivers contain a privilege escalation vulnerability.

RICOH COMPANY, LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and [Name of company/Organization] coordinated under the Information Security Early Warning Partnership.
CVSS Severity

CVSS V3 Severity:
Base Metrics 7.8 (High) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Local
  • Access Complexity: Low
  • Authentication: Single Instance
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
Affected Products

Ricoh Co., Ltd
  • Generic PCL5 Driver
  • PC FAX Generic Driver
  • PCL6 (PCL XL) Driver
  • PCL6 Driver for Universal Print
  • PostScript3 Driver
  • PS Driver for Universal Print
  • RPCS Driver
  • RPCS Raster Driver

A wide range of products is affected. For more information, refer to the information provided by the developer.

A user who can log in to a computer where an affected printer driver is installed may obtain administrative privileges through privilege escalation by using a specially crafted printer driver.

[Apply the Patch]
Apply the appropriate patch according to the information provided by the developer.
Vendor Information

Ricoh Co., Ltd
CWE

  1. Permissions(CWE-264) [IPA Evaluation]
CVE

  1. CVE-2019-19363

  1. JVN : JVN#15697526
  2. National Vulnerability Database (NVD) : CVE-2019-19363
  3. Related document : CVE-2019-19363 - Local Privilege Escalation in many Ricoh Printer Drivers for Windows
Revision History

  • [2020/02/25]
      Web page was published