Greetings SEO Members,
Vulnerability Summary
The PaperCut Print Management software contains a vulnerability (CVE-2023-27350) that could allow attackers to remotely execute code with administrative privileges, thus making it possible to deploy the Clop ransomware and encrypt files on the compromised systems. This vulnerability was discovered in March, 2023 and promptly reported to PaperCut who disclosed the vulnerability along with a patch on April 19th. PaperCut MF/NG is used by over 70,000 organizations, including some of our libraries. One of our libraries became aware of this vulnerability as their receipt printer printed the following ransomware statement:
Recommendation
PaperCut highly recommends ALL organizations upgrading to the fixed versions detailed below IMMEDIATELY.
Affected Versions
PaperCut MF/NG version 22.0.5 (Build 63914) – prior versions may also be affected
Fixed Versions
PaperCut MF/NG versions 20.1.7, 21.2.11, and 22.0.9
References to vendor announcements, solutions, and links provided by SEO
Vendor Advisory: PaperCut MF/NG Vulnerability Bulletin | URGENT & Solution Details
National Vulnerability Database – CVE-2023-27350
National Vulnerability Database – CVE-2023-27351
SEO Ransomware and Cyber Incident Articles
Report Security Vulnerabilities to SEO like these here: Report Security Event
Please let us know if you have any questions regarding this vulnerability.
Best Regards,