![]() Please refer to the "URGENT | PaperCut MF/NG vulnerability bulletin (March 2023) (PaperCut)" in the APPENDIX for further details. Yes, PaperCut has released a patch for CVE-2023-27350 for PaperCut MF and PaperCut NG versions 20.1.7, 21.2.11 and 22.0.9 and later. Has the Vendor Released a Patch for CVE-2023-27350? Please refer to the Appendix for a link to "URGENT | PaperCut MF/NG vulnerability bulletin (March 2023)". Has the Vendor Released an Advisory for CVE-2023-27350? The Clop ransomware threat actor is believed to have used the Truebot malware in their attacks in this latest attack. Furthermore, known remote management, maintenance software and the Truebot malware were reported deployed on vulnerable servers. PaperCut confirms the vulnerability is being exploited in the wild. Is CVE-2023-27350 being Exploited in the Wild? The vulnerability has a CVSS base score of 9.8. The MF version shares the same codebase, but allows for support of multifunction devices.ĬVE-2023-27350 is a Remote Code Execution (RCE) vulnerability that allows an attacker to bypass authentication and remotely execute malicious code on unpatched servers. PaperCut NG is compatible with a wide range of printers, copiers, and multi-function devices and can be installed on various operating systems such as Windows, Linux, and macOS. It provides tools for monitoring printer usage, setting policies, and controlling access to resources. PaperCut NG is a print management software that helps organizations manage printing within their environment. ![]() ![]() As such, patches should be applied as soon as possible. Various remote management and maintenance software and Truebot malware were reportedly to have been deployed to unpatched severs. UPDATE : Updated protection section for IPS protection.įortiGuard Labs is aware that a recently disclosed vulnerability in PaperCut MF/NG (CVE-2023-27350) is susceptible to a remote code execution attack and is currently being exploited in the wild. ![]()
0 Comments
Leave a Reply. |