CVE-2023-27350ĬVE-2023-27350, which was reported by the Zero Day Initiative, pertains to a critical vulnerability found in both PaperCut MF and NG installations. These vulnerabilities were reported to the company in early January, prompting the necessary fixes to ensure the security of their products. On March 8th, PaperCut released new versions of their enterprise print management software which encompassed fixes for two vulnerabilities: CVE-2023-27350 and CVE-2023-27351. PaperCut’s website states that its software has garnered an extensive user base of over 100 million individuals across more than 70,000 organizations worldwide. These products are utilized by local governments, large enterprises, healthcare institutions, and educational organizations. PaperCut offers clients a range of products, including the distinct print management solutions known as PaperCut NG and PaperCut MF. PaperCut supports both on-premise and cloud deployments and is compatible with a wide array of printers and operating systems. It encompasses a variety of features, such as print job tracking, quotas, rules-based printing, and cost accounting. PaperCut is a comprehensive print management software that enables organizations to manage their printing environments effectively. Furthermore, the report includes recommendations for mitigation that affected organizations can adopt to effectively address these vulnerabilities. It delves into the potential consequences of these vulnerabilities and highlights the threat actors who have taken advantage of them, including notable ransomware groups such as LockBit, Bl00dy, and Clop. This report provides a comprehensive overview of two vulnerabilities found in the PaperCut software: CVE-2023-27350 and CVE-2023-27351. Multiple threat actors are specifically focusing their efforts on targeting the education sector, resulting in a significant surge in attacks within this industry, with the occurrence rate escalating by several hundred percent in recent times. The Cyberint research team has identified a significant trend in relation to these recent attacks and associated incidents linked to this vulnerability. Consulted with your reseller, especially around firmware compatibility.Over the past two months, the Cyberint research team has witnessed an extensive campaign in which threat actors are actively exploiting the recently discovered vulnerability in the PaperCut print management platform.Please check that you have completed the following: They will also be able to assist with the IT infrastructure Your reseller will beĪware of any firmware-level or on-device changes that are required, as well as the brand- and model-specific upgrade process. Installation of MFD embedded applications, which, if required, needs to be performed by an MFD reseller.ĭue to the complexities of embedded solutions on copiers, installing or upgrading these components needs to be performed in conjunction with your reseller.Installation on IT infrastructure such as server and workstations, which can be carried out by a system administrator or technician, and.What will this upgrade involve?Ī complete upgrade of PaperCut MF involves: If your Maintenance & Support has expired, please consult with your PaperCut MF Reseller when discussing your planned upgrade. Please see the screenshot below for an example of a license with current Maintenance & Support. 16.0 was released on March 15, 2016), you can install the new version. If the date is after the x.0 release (eg. In the License Information section you will find a 'Software updates available until' date. You can check your Maintenance & Support status in the PaperCut web administration interface, under the About tab. Your PaperCut MF license must have current Maintenance & Support to apply the upgrade. For more information see our Upgrading Knowledge Base article Am I eligible for this upgrade?Īll PaperCut MF customers have access to upgrades issued in the first 12 months from initial purchase. Have consulted with your reseller about the specifics of your environmentįor customers using Online Payment Gateways, when upgrading to the latest PaperCut MF 22.0.12, you must also upgrade the Payment Gateway module.
0 Comments
Leave a Reply. |