Cybersecurity researchers have discovered a new high-risk vulnerability in the PaperCut print management software for Windows that can lead to remote code execution under certain circumstances. PaperCut security vulnerability
The vulnerability has been tracked as CVE-2023-39143 (CVSS Score: 8.4). And it affects PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path bypass vulnerability and a file upload vulnerability.
“CVE-2023-39143 could enable unauthenticated attackers to read, Delete. And upload arbitrary files to a PaperCut MF/NG application server. leading to remote code execution in some configurations.” said Naveen Sunkavally of Horizon3.ai.
The security company.
Said that file uploads that trigger remote code execution are possible when the External device integration setting is enabled. Which is active by default in some installations of PaperCut.
Earlier this April. Another remote code execution vulnerability in the same product (CVE-2023-27350. CVSS score: 9.8) and information disclosure vulnerability (CVE-2023 – 27351) was widely exploited in the wild to deliver Cobalt Strike ransomware. Iranian state actors have Also been spotted abusing the bug to gain initial access to a target’s networks.
“Compared to CVE-2023-27350. Also CVE-2023-39143 does not require the attackers to obtain any privileges prior to the exploit. and no user interaction is required.” Sunkavally noted. “CVE-2023-39143 is much more complex to exploit. As it involves several issues that need to be linked together to compromise a server. It is not a ‘one-shot’ RCE vulnerability.”
Earlier A vulnerability has also been fixed in PaperCut version 22.1.3 That could allow an unauthenticated attacker with direct access to the server IP to upload arbitrary files to a target directory. Potentially causing a denial of service (CVE-2023-3486, CVSS score: 7.4). ). Tenable has been credited with discovering and reporting this problem.
Therefore I highly recommend that all PaperCut users upgrade to the latest version immediately to avoid exposure to these serious security vulnerabilities. PaperCut security vulnerability