Threat Advisory – Critical PaperCut vulnerability being actively exploited

Threat advisory

What is PaperCut MF & MG?

PaperCut is a piece of software that allows one to manage and minimize printer waste as well as print in a sensitive documents in a secure manner.

What is is the threat found in Papercut MF & NG?

A critical vulnerability, CVE-2023-27350, has been found and is currently being exploited by threat actors. If a threat actor manages to successfully exploit this vulnerability the attacker could access the following with out authenticating:

  • Usernames
  • Email addresses
  • Office & Department information
  • Card Numbers

A proof of concent (PoC) has been published and is easily available for this vulnerability on the internet. Barracuda MSP have observed that this CVE is being exploited by nation state sponsored attackers. Barracuda recommend to immediately upgrade to the latest version of the software in order to have this vulnerability remediated.

The vulnerability in PaperCut is due to the fact that there are improper access controls in place to prevent an authentication bypass and a remote code execution which can be found on installations of this software.

In order for an attacker to exploit the flaw, a specially crafted message that would contain malicious code would be sent to the victim, and once the message is clicked on by the victim the code will execute and give the attacker full control over their device.

This device then could be used to steal data, spread malware, or carry out additional attacks.

Any version of PaperCut MF or NG prior to version 2.2126.14 are vulnerable. As previously stated it is important to update to the latest version of this software which has this critical vulnerability patched.

As a result this vulnerability has been given a CVSS score of 9.8.


Leave a Reply

Your email address will not be published. Required fields are marked *