"Attackers Abuse PaperCut RCE Flaws to Take Over Enterprise Print Servers"

Researchers have disclosed new information about how attackers are circumventing authentication and executing remote code by exploiting two vulnerabilities in the PaperCut enterprise print management system used by more than 100 million customers worldwide. The vulnerabilities bring further attention to the threat that enterprise printers and related systems pose to organizations' overall security, a frequently overlooked threat. Researchers from PaperCut and security companies have already warned that attackers are exploiting the vulnerabilities, which PaperCut patched in an update to its PaperCut MF and NG products on March 8. Threat actors are using the flaws to seize control of unpatched versions of the software. On April 21, the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities to its catalog of known exploited vulnerabilities. This article continues to discuss attackers exploiting flaws in the PaperCut enterprise print management system to bypass authentication and execute remote code.

Dark Reading reports "Attackers Abuse PaperCut RCE Flaws to Take Over Enterprise Print Servers"