Security Architecture, Endpoint/Device Security, IoT, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Three serious vulnerabilities found in PrinterLogic software

The current and older versions of PrinterLogic Print Management Software contain three high-severity vulnerabilities that would-be attackers could exploit to reconfigure the software and remotely execute code.

According to a security advisory from the CERT/CC at Carnegie Mellon University's Software Engineering Institute, the PrinterLogic agent fails to properly validate the PrinterLogic management portal's SSL certificate (CVE-2018-5408) and PrinterLogic update packages (CVE-2018-5409). It also does not sanitize web browser input (CVE-2019-9505).

Malicious actors could exploit CVE-2018-5408 by introducing an invalid or malicious certificate that allows them to conduct a man-in-the-middle attack.
"The software might connect to a malicious host while believing it is a trusted host, or the software might be deceived into accepting spoofed data that appears to originate from a trusted host," the CERT/CC's advisory states.

They could also abuse CVE-2018-5409 in order to execute malicious code
"by compromising the host server, performing DNS spoofing or modifying the code in transit," the advisory continues. And the third vulnerability, CVE-2019-9505, could be exploited to allow remote unauthorized changes to configuration files.

Versions of PrinterLogic are affected by the trio of bugs. As of May 6 at noon ET, there are no patched versions available. In the meantime, the CERT/CC suggests that PrinterLogic customers "consider using 'always on' VPN to prevent some of the MITM scenarios and enforce application whitelisting on the endpoint to prevent the PrinterLogic agent from executing malicious code."

UPDATE 5/10/19: PrinterLogic now has has an active resolution in place to address the vulnerability. The solution is available here.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.