Hackers exploiting 'PaperCut' Software Vulnerabilities Put 70,000+ Companies at Risk

Threat actors have been exploiting severe vulnerabilities in ‘PaperCut NG/MF’ that give a hacker remote control over the victim's desktop and network, executing arbitrary code.

The ‘PaperCut’ software is an application that allows companies to manage and print documents with ease from where ever, either through a desktop or the phone having even the data encrypted to be safe and secured… everyone once thought. 

Over 70,000 companies use PaperCut, with a reported 100 million active users. PaperCut has released a warning to immediately update to the latest version of PaperCut NG/MF as the vulnerabilities discovered have now been patched to versions 20.1.7 and up have been patched.



There were 2 vulnerabilities discovered with a critical security rating of 8.2 and 9.8, dangerous ratings in the cyber world:

CVE-2023-27350 | CNA Rating: 9.8 | 

  • Description: This allows an unauthenticated attacker to remotely execute malicious code without logging in or providing a password.



CVE-2023-27351 | CNA Rating: 8.2 | 

  • Description: This vulnerability allows an attacker to extract data that can contain usernames, emails, full names, and other various personal information



A security firm ‘Huntress’ reported on the matter and found evidence that a threat actor exploited these vulnerabilities and used remote management software to install malware called “TrueBot”. The malware TrueBot is linked to a hacking group called “Silence” that was responsible for the “Clop” ransomware that infected multiple companies globally by also utilising the TrueBot malware.

 

Your Security is our Priority

Your friendly Support Team

the computer department logo

Speak to us about all your computer needs

This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.

 
Previous
Previous

State-sponsored Russian Hackers Attack Cisco Routers

Next
Next

Unmasking the 'Goldoson' Malware: Over 100 Millions Android Users at Risk