PaperCut Warns of Exploited Vulnerability in Print Management Solutions
PaperCut, a print management solutions provider, has warned organizations that exploitation of a recently patched critical-severity vulnerability (CVE-2023-27350, CVSS score of 9.8) has commenced. The vulnerability is an improper access control issue in the SetupCompleted class of PaperCut MF/NG, which allows a remote, unauthenticated attacker to bypass authentication and execute arbitrary code with System privileges. PaperCut has released patched versions of PaperCut MF and PaperCut NG (20.1.7, 21.2.11, and 22.0.9) and recommends customers update their installations as soon as possible, as exploitation has started. If suspicious activity is suspected, PaperCut recommends reviewing server access logs and performing malware scans, and taking server backups and wiping the Application Server if necessary. CVEs: CVE-2023-27350 [View Article](https://www.securityweek.com/papercut-warns-of-exploited-vulnerability-in-print-management-solutions/)