Security News > 2023 > May > Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability

Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability
2023-05-09 08:53

Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft said.

The tech giant's threat intelligence team said it observed both Mango Sandstorm and Mint Sandstorm weaponizing CVE-2023-27350 in their operations to achieve initial access.

"This activity shows Mint Sandstorm's continued ability to rapidly incorporate exploits into their operations," Microsoft said in a series of tweets.

It's worth noting that Mango Sandstorm is linked to Iran's Ministry of Intelligence and Security and Mint Sandstorm is said to be associated with the Islamic Revolutionary Guard Corps.

CVE-2023-27350 relates to a critical flaw in PaperCut MF and NG installations that could be exploited by an unauthenticated attacker to execute arbitrary code with SYSTEM privileges.

With more attackers jumping in on the PaperCut exploitation bandwagon to breach vulnerable servers, it's imperative that organizations move quickly to apply the necessary updates.


News URL

https://thehackernews.com/2023/05/microsoft-warns-of-state-sponsored.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-04-20 CVE-2023-27350 Improper Access Control vulnerability in Papercut NG
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914).
network
low complexity
papercut CWE-284
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 708 787 4589 4647 3639 13662
Papercut 3 0 7 7 2 16