Cybersecurity researchers have identified a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances.
Tracked as CVE-2023-39143 (CVSS score: 8.4), the flaw affects PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability.
“CVE-2023-39143 allows unauthenticated attackers to potentially read, delete, and upload arbitrary files to the PaperCut MF/NG application server, resulting in remote code execution in certain configurations,” Horizon3.ai’s Naveen Sunkavally said.
The cybersecurity firm said that file upload leading to remote code execution is possible when the external device integration setting is enabled, which is on by default in some installations of PaperCut.
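The flaw is described above as path traversal combined with file upload. As an added illustration of the defensive control that class of bug bypasses (example code written for this page, not PaperCut's own code), the helper below resolves a user-supplied file name against a fixed upload directory and rejects any result that escapes it. The directory `/srv/uploads` and the file names are constructed sample values.

```python
from pathlib import Path
from typing import Optional


def resolve_upload_path(root: Path, user_supplied_name: str) -> Optional[Path]:
    """Return the absolute path a file would be written to, or None if the
    supplied name would land outside `root` (path traversal attempt).

    The check is done on the *resolved* path, so `..` segments, redundant
    separators and absolute paths are all normalised before comparison.
    """
    root = root.resolve()
    # Path joining discards `root` entirely when the right-hand side is
    # absolute, so "/etc/passwd" would otherwise slip through unchanged.
    candidate = (root / user_supplied_name).resolve()
    if candidate == root:
        return None  # empty name or "." does not identify a file
    try:
        candidate.relative_to(root)  # raises ValueError if not under root
    except ValueError:
        return None
    return candidate


def classify(root: Path, names: list) -> dict:
    """Map each constructed sample name to 'allowed' or 'rejected'."""
    return {
        name: ("allowed" if resolve_upload_path(root, name) else "rejected")
        for name in names
    }


if __name__ == "__main__":
    # Constructed sample inputs: a benign name, a harmless relative
    # detour, and three traversal / absolute-path escapes.
    samples = [
        "report.pdf",
        "sub/../report.pdf",
        "../../etc/passwd",
        "/etc/passwd",
        "..",
    ]
    for name, verdict in classify(Path("/srv/uploads"), samples).items():
        print(f"{name!r:24} -> {verdict}")
```

The important design choice is comparing after `resolve()`: string-prefix checks on the raw input miss encodings such as `sub/../../x`, whereas the normalised path makes the escape unambiguous.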
Earlier this April, another remote code execution vulnerability in the same product (CVE-2023-27350, CVSS score: 9.8) and an information disclosure flaw (CVE-2023-27351) came under widespread exploitation in the wild to deliver Cobalt Strike and ransomware. Iranian nation-state actors were also observed abusing the bugs to obtain initial access to target networks.
“Compared to CVE-2023-27350, CVE-2023-39143 also does not require attackers to have any prior privileges to exploit, and no user interaction is required,” Sunkavally noted. “CVE-2023-39143 is more complex to exploit, involving multiple issues that must be chained together to compromise a server. It is not a ‘one-shot’ RCE vulnerability.”
Also remediated by PaperCut in version 22.1.3 is a security flaw that could allow an unauthenticated attacker with direct server IP access to upload arbitrary files into a target directory, leading to a potential denial-of-service (CVE-2023-3486, CVSS score: 7.4). Tenable has been credited with discovering and reporting the issue.
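Both issues above are fixed in PaperCut NG/MF 22.1.3, so the practical triage question is whether an installed version is older than that. The snippet below is an added example (not from PaperCut or the article) that compares dotted version strings numerically rather than as text, which matters because a naive string comparison ranks "22.1.10" below "22.1.3". The version strings fed to it are constructed sample values.

```python
import re
from typing import Tuple

# Fixed release named in the advisory text for CVE-2023-39143 and CVE-2023-3486.
FIXED_VERSION = "22.1.3"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '22.1.3' (or '22.1.3 (Build 1234)') into a tuple of ints.

    Only the leading dotted numeric part is used; trailing build
    annotations are ignored. Raises ValueError on unrecognised input.
    """
    match = re.match(r"\s*(\d+(?:\.\d+)*)", version)
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is strictly older than the fix.

    Tuple comparison is element-wise and numeric, so (22, 1, 10) correctly
    sorts after (22, 1, 3). A shorter tuple such as (22, 1) compares
    lower than (22, 1, 3), i.e. it is treated as an older release.
    """
    return parse_version(installed) < parse_version(fixed)


if __name__ == "__main__":
    # Constructed sample inventory of PaperCut versions to triage.
    for v in ["21.2.11", "22.0.10", "22.1.3", "22.1.10 (Build 1)"]:
        status = "AFFECTED - upgrade" if is_affected(v) else "fixed"
        print(f"PaperCut NG/MF {v:20} {status}")
```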
Some parts of this article are sourced from:
thehackernews.com