Ransomware, Threat Intelligence

Critical PaperCut NG/MF software flaw fixed

Patches have been issued by PaperCut for a critical security flaw impacting its NG/MF print management software, which could be exploited to facilitate remote code execution on vulnerable Windows servers, BleepingComputer reports. Windows servers in non-default configurations that have an activated external device integration setting are affected by the vulnerability, tracked as CVE-2023-39143, which stems from the combination of path traversal bugs, according to Horizon3, which discovered the vulnerability. "Based on sample data we have collected at Horizon3 from real-world environments, we estimate that the vast majority of PaperCut installations are running on Windows with the external device integration setting turned on," said Horizon3, which said that external device integration is on by default in PaperCut MF and PaperCut NG Commercial version. Such a fix comes after the earlier exploitation of two other PaperCut vulnerabilities, tracked as CVE-2023-27350 and CVE-2023-27351, in attacks that Microsoft has attributed to the LockBit and Cl0p ransomware operations, as well as the Iranian state-sponsored threat groups APT35 and Muddywater.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.