CityLife

New High-Severity Security Flaw Discovered in PaperCut Print Management Software for Windows

By Robert Andrew

Aug 5, 2023
Cybersecurity researchers have uncovered a serious security flaw in PaperCut, a print management software for Windows. This vulnerability, tracked as CVE-2023-39143, has a high severity level with a CVSS score of 8.4. The flaw affects PaperCut NG/MF versions prior to 22.1.3 and is characterized as a combination of a path traversal and file upload vulnerability.

According to Naveen Sunkavally of Horizon3.ai, CVE-2023-39143 allows unauthenticated attackers to potentially read, delete, and upload arbitrary files to the PaperCut MF/NG application server. This can result in remote code execution in specific configurations. The exploit is possible when the external device integration setting is enabled, which is a default setting in certain PaperCut installations.

It is worth noting that this is not the first security issue to affect PaperCut. In April, another remote code execution vulnerability (CVE-2023-27350) and an information disclosure flaw (CVE-2023-27351) were actively exploited in the wild, leading to the deployment of Cobalt Strike and ransomware. Iranian nation-state actors were found to be utilizing these vulnerabilities to gain initial access to target networks.

Compared to previous vulnerabilities, CVE-2023-39143 does not require attackers to have any prior privileges or user interaction. However, it is a more complex vulnerability that involves chaining multiple issues together to compromise a server, rather than a straightforward remote code execution vulnerability.

In addition to CVE-2023-39143, PaperCut has addressed another security flaw in version 22.1.3. This flaw (CVE-2023-3486) could allow an unauthenticated attacker with direct server IP access to upload arbitrary files into a target directory, potentially leading to a denial-of-service.

These vulnerabilities highlight the importance of promptly updating software to the latest patched versions. Users of PaperCut should ensure they have updated to version 22.1.3 to protect against these security flaws.


