Security News > 2023 > April > PaperCut security vulnerabilities under active attack – vendor urges customers to patch

Hats off to PaperCut in this case, because the company really is trying to make sure that all its customers know about the importance of two vulnerabilities in its products that it patched last month, to the point that it's put a green-striped shield at the top of its main web page that says, "Urgent security message for all NG/MF customers."

We've seen companies that have admitted to unpatched zero-day vulnerabilities and data breaches in a less obvious fashion than this, which is why we're saying "Good job" to the Papercut team for what cybersecurity jargon would probably praise with the orotund phrase an abundance of caution.

PaperCut says that it was first alerted to an attack against an unpatched server at 2023-04-17T17:30Z, and has now worked through its logs and suggests that the earliest attack so far known happened four days before that, at 2023-04-13T15:29Z. In other words, if you patched before 2023-04-13, you'd almost certainly have been ahead of the criminals, but if you haven't patched yet, you really need to.

PaperCut notes that it is trying hard "To compile a list of unpatched PaperCut MF/NG servers that have ports open on the public internet", and then going out of its way to try to contact those obviously-at-risk customers.

If you have PaperCut MF or PaperCut NG, you need to make sure you have one of the following versions installed: 20.1.7, 21.2.11, or 22.0.9.

Remember, of course, that the IoCs shared by PaperCut are, of necessity, limited to those they've already seen in attacks they already know about, so absence of evidence isn't evidence of absence.

News URL

https://nakedsecurity.sophos.com/2023/04/25/papercut-security-vulnerabilities-under-active-attack-vendor-urges-customers-to-patch/