Headline
CVE-2019-19363: Update: Printer Security Program issued to address potential vulnerabilities in some of Ricoh's printer/PC fax drivers | Global | Ricoh
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version
Main content
January 22, 2020
First published January 22, 2020
Date of current status April 15, 2020
Ricoh Company, Limited.
Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for their customers around the world.
On January 22, 2020, Ricoh released updated printer drivers and a security updater program to address a vulnerability1 (CVE-2019-19363) which may have affected some versions of the printer/PC fax drivers used by certain Ricoh MFPs, Printers and Digital Duplicators. Ricoh released an updated Universal Print Driver, Security Updater program, and continues to release additional printer drivers as further vulnerabilities have been identified. All users need to install the latest printer drivers where applicable or apply the security Updater program if you are using any of the affected print drivers. Ricoh suggests the following:
- Please click here to view a list of affected print drivers. Driver updates are ongoing, so please check back to see the latest updates.
- Uninstall all affected drivers, if possible, and remove any previously downloaded copies of affected drivers, then install the latest print drivers. The vulnerability represented can only be fully remediated by updating the driver.
- If you still require using one or more of the affected device specific drivers, run the security updater program. If an affected driver must be reinstalled at any time, please run the security updater program again.
Ricoh is committed to supporting customers across the globe, enabling them to operate Ricoh products equipped with the latest security settings. To minimize potential security risks, Ricoh recommends that customers follow best practices for securely setting up printers or MFPs. Please visit here for details.
Please contact your local Ricoh representative or dealer if you have any queries.
1
Credit for discovery: Yaron Samuel & Or Chechik at Palo Alto Networks and Alexander Pudwill with the assistance of Pentagrid AG. Additional assistance provided by Xanthus Security.
| About Ricoh |
Ricoh is empowering digital workplaces using innovative technologies and services enabling individuals to work smarter. For more than 80 years, Ricoh has been driving innovation and is a leading provider of document management solutions, IT services, communications services, commercial and industrial printing, digital cameras, and industrial systems.
Headquartered in Tokyo, Ricoh Group operates in approximately 200 countries and regions. In the financial year ended March 2019, Ricoh Group had worldwide sales of 2,013 billion yen (approx. 18.1 billion USD).
For further information, please visit www.ricoh.com
© 2020 RICOH COMPANY, LTD. All rights reserved. All referenced product names are the trademarks of their respective companies.