Date: 2023-08-05

Cybersecurity researchers have identified a high-severity vulnerability in the PaperCut print management software for Windows. The flaw, tracked as CVE-2023-39143, has a CVSS score of 8.4. It affects PaperCut NG/MF versions prior to 22.1.3 and combines a path traversal weakness with a file upload weakness.

The flaw could allow unauthorized attackers to read, delete, and upload arbitrary files on the PaperCut MF/NG application server. In certain configurations, this could lead to remote code execution: the external device integration setting needs to be enabled, which is the default in specific PaperCut installations.

It’s crucial to distinguish this vulnerability from two previous ones: a remote code execution flaw (CVE-2023-27350) and an information disclosure flaw (CVE-2023-27351) that were exploited earlier this year. These previous vulnerabilities were exploited by Iranian nation-state actors to gain initial access to targeted networks.

Unlike CVE-2023-27350, the newly discovered vulnerability (CVE-2023-39143) doesn’t require prior privileges or user interaction for exploitation. However, it is a more complex vulnerability, requiring multiple issues to be chained together to compromise a server.

A further security flaw, CVE-2023-3486, has also been addressed in PaperCut version 22.1.3. It allows unauthenticated attackers with direct server IP access to upload arbitrary files, potentially leading to denial of service.

To mitigate these risks, users are strongly advised to update their PaperCut installations to version 22.1.3 or later, which protects their systems against exploitation of these vulnerabilities.