October 3, 2023

Researchers have discovered a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances.

The vulnerability tracked as CVE-2023-39143 with a CVSS score: 8.4 impacts PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability.

The file upload leading to remote code execution is possible when the external device integration setting is enabled, which is on by default in some installations of PaperCut.

Advertisements

Earlier this year, another remote code execution vulnerability in the same product (CVE-2023-27350) and an information disclosure flaw (CVE-2023–27351) came under widespread exploitation in the wild to deliver Cobalt Strike and ransomware Iranian nation-state actors were also spotted abusing the bugs to obtain initial access to target networks.

When compared with CVE-2023-27350, CVE-2023-39143 that does not require attackers to have any prior privileges to exploit, and no user interaction is required. CVE-2023-39143 is more complex to exploit, involving multiple issues that must be chained together to compromise a server.

Also patched flaw tracked as CVE-2023-3486 with a CVSS score of 7.4, an unauthenticated attacker with direct server IP access to upload arbitrary files into a target leading to a potential denial-of-service.

Tags:

Leave a Reply

You may have missed

Industrial Control Systems and Vulnerability Management Process

October 2, 2023

McLaren Healthcare suffers a Ransomware Incident

October 2, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – September, 2023

October 2, 2023

TheCyberThrone Security Week In Review – September 30, 2023

October 1, 2023

Mozilla fixes CVE-2023-5217 Vulnerability in its Products

September 30, 2023

CISA KEV Update Part III – September 2023

September 30, 2023
%d bloggers like this: