[Japanese]

JVNDB-2023-002111

Printer Driver Packager NX creates driver installation packages without modification detection

Overview

Printer Driver Packager NX provided by Ricoh Company, Ltd. is a tool to create driver installation packages. A driver installation package is used to install and configure printer drivers on the target PCs.
The installation and configuration of printer drivers require an administrative privilege, and a created driver installation package can bundle administrative credentials in encrypted form enabling non-administrative users to install printer drivers without administrator's help.

The driver installation package, created by the affected version of Printer Driver Packager NX, fails to detect its modification (CWE-345) and may spawn an unexpected process with the administrative privilege.

Ricoh Company, Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
Affected Products


Ricoh Co., Ltd
  • Ridoc Ez Installer NX v1.0.02 to v1.1.25

Impact

If a non-administrative user modifies the driver installation package and runs it on the target PC, an arbitrary program may be executed with the administrative privilege.

[Comment]
The analysis assumes that a non-administrative user modifies the installation package and runs it on the target PC.
Solution

[Update the software and re-create installation packages]
Update the affected Printer Driver Packager NX to the latest version and re-create driver installation packages, according to the information provided by the developer.
The developer has released Printer Driver Packager NX v1.1.26 that addresses this vulnerability.
Vendor Information

Ricoh Co., Ltd
CWE (What is CWE?)

  1. Insufficient Verification of Data Authenticity(CWE-345) [Other]
CVE (What is CVE?)

  1. CVE-2023-30759
References

  1. JVN : JVNVU#92207133
  2. National Vulnerability Database (NVD) : CVE-2023-30759
Revision History

  • [2023/06/15]
      Web page was published
  • [2024/05/23]
      References : Content was added

Date Public2023/06/14
Date First Published2023/06/15
Date Last Updated2024/05/23