A Microsoft spokesperson stated in a statement that recent attacks that exploited two vulnerabilities in the PaperCut print management software are likely associated with an affiliate program for the Clop ransomware.
PaperCut Application Server was updated last month with two vulnerabilities that could allow remote attackers to execute unauthenticated code and access information.
CVE-2023–27350 / ZDI-CAN-18987 / PO-1216: This vulnerability affects all PaperCut MF/NG versions 8.0 or later on all OS platforms, as well as the application server. It impacts both the application server and the site server.
CVE-2023–27351 / ZDI-CAN-19226 / PO-1219: A vulnerability in PaperCut MF or NG versions 15.0 or later is present on each application server platform, causing unauthenticated information disclosure.
It was notified last week that a vulnerability had been exploited in the wild by Trend Micro, and PaperCut sent an alert out to users. Customer servers must be updated as soon as possible to ensure security.
“Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to t
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: