Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for its customers worldwide.
Ricoh is aware that the reported vulnerability, which allows an attacker to escalate privileges to NT Authority\System on the OS where RICOH Streamline NX PC Client is installed, affects certain products and services that Ricoh develops, manufactures, and offers.
Ricoh offers the measures detailed below.
An attacker can escalate privileges to NT Authority\System on the OS where RICOH Streamline NX PC Client is installed. The Ricoh Streamline NX client application also installs an H2 instance with hardcoded credentials that runs as NT Authority\System, even though it can only be accessed locally. By connecting to the H2 instance and abusing the "CREATE ALIAS" functionality, it is possible to execute arbitrary programs as NT Authority\System.
Products or Services | Components | Versions |
---|---|---|
Ricoh Streamline NX v3 | RICOH Streamline NX PC Client | 3.7.2 and lower |
Check the version of the product by one of the following methods on the PC running RICOH Streamline NX PC Client.
- Right-click the icon in the task tray and display the "Version Information" menu.
- Check the version of "RICOH Streamline NX PC Client" from the list of "Programs and Features" in the Control Panel.
Please update RICOH Streamline NX PC Client to a version that addresses this vulnerability.
Fixed version:
3.231.0
3.7.2.1
3.6.2.2
3.5.1.202
3.4.3.2
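For checking many PCs, the version check and the fixed-version list above can be scripted; the following is an added example, not Ricoh code. It assumes the version shown in "Programs and Features" is stored in the standard `DisplayVersion` uninstall registry value, and that the first two version fields identify the release branch; the function name `Get-SlnxClientStatus` is hypothetical.

```powershell
# Added example (not Ricoh code). Fixed versions are copied from this advisory.
# Assumption: the first two version fields (e.g. 3.6) identify the release branch.
$FixedByBranch = @{
    '3.4' = [version]'3.4.3.2'
    '3.5' = [version]'3.5.1.202'
    '3.6' = [version]'3.6.2.2'
    '3.7' = [version]'3.7.2.1'
}

function Get-SlnxClientStatus {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$VersionString)

    $v = $null
    if (-not [version]::TryParse($VersionString.Trim(), [ref]$v)) {
        return 'Unknown: version string not parseable, check manually'
    }
    # The advisory lists 3.7.2 and lower as affected, so 3.7.2.1 and above
    # (including 3.231.0) fall outside the affected range.
    if ($v -ge $FixedByBranch['3.7']) { return 'Not affected' }

    $branch = '{0}.{1}' -f $v.Major, $v.Minor
    if (-not $FixedByBranch.ContainsKey($branch)) {
        return "Affected: no fixed version listed for branch $branch"
    }
    if ($v -ge $FixedByBranch[$branch]) { return 'Not affected' }
    return "Affected: fixed version for this branch is $($FixedByBranch[$branch])"
}

# "Programs and Features" is populated from these uninstall keys (64- and 32-bit views).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*RICOH Streamline NX PC Client*' } |
    ForEach-Object {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = Get-SlnxClientStatus -VersionString "$($_.DisplayVersion)"
        }
    }
```

No output means no matching entry was found in the uninstall keys on that PC.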
Please contact your local Ricoh representative or dealer if you have any queries.
The distribution URL of this page:
https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000077-2024-000005
Please note that any copy or paraphrase of the text of this document that differs in content from the distribution URL link, or omits the URL, is an uncontrolled copy and may lack important information or contain factual errors.