CVE-2019-19363
HIGHRicoh <2020 - Privilege Escalation
Title source: llmDescription
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/48036
metasploit
WORKING POC
NORMAL
by Alexander Pudwill, Pentagrid AG, Shelby Pace · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ricoh_driver_privesc.rb
References (5)
Scores
CVSS v3
7.8
EPSS
0.0399
EPSS Percentile
88.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (8)
ricoh/generic_pcl5_driver
ricoh/pc_fax_generic_driver
ricoh/pcl6_driver_for_universal_print
4.0 - 4.26
ricoh/pcl6_\(pcl_xl\)_driver
ricoh/postscript3_driver
ricoh/ps_driver_for_universal_print
4.0 - 4.26
ricoh/rpcs_driver
ricoh/rpcs_raster_driver
Published
Jan 24, 2020
Tracked Since
Feb 18, 2026