The US cybersecurity agency CISA on Monday warned that a two-year-old vulnerability in PaperCut’s NG and MF print management products has been exploited in the wild.
The flaw, tracked as CVE-2023-2533, is described as a high-severity cross-site request forgery (CSRF) issue that, under certain conditions, allows attackers to modify security settings or execute arbitrary code remotely.
“This could be exploited if the target is an admin with a current login session. Exploiting this would typically involve the possibility of deceiving an admin into clicking a specially crafted malicious link, potentially leading to unauthorized changes,” PaperCut notes in a June 2023 advisory.
Severity ratings differ: PaperCut assigns CVE-2023-2533 a CVSS score of 7.9, NIST lists it at 8.8, and Fluid Attacks, which discovered the bug and released proof-of-concept (PoC) code targeting it, rates it 8.4.
The security defect impacts all PaperCut NG/MF versions prior to 22.1.1, on all platforms, and was addressed in versions 22.1.1, 21.2.12, and 20.1.8. Application servers are affected as well, PaperCut’s advisory reads.
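As an added defender-side example (not code from the article or from PaperCut), the Python helper below encodes the affected and fixed versions stated above to triage an inventory of version banners; it assumes each fixed version maps to its major release line (22, 21, 20), and the sample inventory is constructed.

```python
import re

# Earliest fixed release on each maintenance line, from the advisory as quoted
# in the article (22.1.1, 21.2.12, 20.1.8). Mapping each fix to its major
# release line is an assumption made for this example.
FIXED_BY_LINE = {22: (22, 1, 1), 21: (21, 2, 12), 20: (20, 1, 8)}
NEWEST_FIX = (22, 1, 1)  # "all versions prior to 22.1.1" are affected


def parse_version(text: str) -> tuple:
    """Extract the first x.y.z version from a banner; build suffixes are ignored."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)\b", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(p) for p in m.groups())


def is_vulnerable(version: str) -> bool:
    """True if the release is still affected by CVE-2023-2533.

    A plain '< 22.1.1' comparison would wrongly flag the patched maintenance
    releases 21.2.12 and 20.1.8, so the major release line is checked first.
    """
    v = parse_version(version)
    if v >= NEWEST_FIX:
        return False            # 22.1.1 and later carry the fix
    fix = FIXED_BY_LINE.get(v[0])
    if fix is None:
        return True             # lines older than 20.x received no fix
    return v < fix


def triage(inventory: dict) -> list:
    """Return host names (sorted) whose reported version still needs patching."""
    return sorted(host for host, ver in inventory.items() if is_vulnerable(ver))


if __name__ == "__main__":
    # Constructed sample inventory (host -> version banner), not real data.
    sample = {
        "print-01": "PaperCut NG 22.0.9",
        "print-02": "PaperCut MF 21.2.12 (build 66501)",
        "print-03": "PaperCut NG 20.1.7",
        "print-04": "PaperCut MF 22.1.4",
        "print-05": "PaperCut NG 19.2.3",
    }
    for host in triage(sample):
        print(f"{host}: patch required for CVE-2023-2533")
```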
On Monday, CISA added the bug to its Known Exploited Vulnerabilities (KEV) catalog, warning it has been exploited in attacks, but without sharing details on the observed exploitation.
Per Binding Operational Directive (BOD) 22-01, federal agencies have until August 18 to identify vulnerable PaperCut deployments within their environments and apply the available patches.
While BOD 22-01 only applies to federal agencies, all organizations are advised to review CISA’s KEV list and prioritize the patching of security defects relevant to their environments.
Data from The Shadowserver Foundation shows there are roughly 1,000 PaperCut instances accessible from the internet. However, it is unclear how many of them are vulnerable.
PaperCut’s NG/MF print management solutions are used by more than 100 million users across over 70,000 organizations, and threat actors have previously exploited PaperCut flaws for which patches had already been released.