The Common UNIX Printing System (CUPS) is an open-source printing system for managing printers and print jobs across local and networked environments on Unix-like operating systems, including Linux and macOS. Several vulnerabilities were found in CUPS which affect GNU/Linux distributions. These vulnerabilities have been identified as CVE-2024-47176, CVE-2024-47177, CVE-2024-47178 and CVE-2024-47179, and they could allow for remote code execution on vulnerable systems. The vulnerabilities arise from issues within the cups-browsed and cupsd components, which handle tasks related to printer discovery and communication with printers. Attackers could potentially exploit these vulnerabilities by sending specially crafted requests to the CUPS service, leading to arbitrary code execution with the privileges of the CUPS daemon. It is highly recommended that users of affected Linux distributions update their CUPS installations to the latest patched versions to mitigate the risks associated with these vulnerabilities.
A critical vulnerability, CVE-2024-47177, has been discovered in the Common Unix Printing System (CUPS), allowing remote attackers to execute arbitrary commands on vulnerable systems. Exploitation combines four separate vulnerabilities, CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, which are used together to achieve remote code execution. The exploit only requires an attacker to send a UDP packet containing a URL that points to a system the attacker controls. The attacker can then execute arbitrary commands as the “foomatic-rip” process and continue with their post-exploitation goals. Organizations should immediately patch their CUPS installations to mitigate this vulnerability. As a precaution, it is also recommended to disable the “cups-browsed” service and use firewall rules to prevent access to UDP port 631. Sysdig Secure and Falco are tools that can be used to detect malicious activity related to this vulnerability.
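To verify the UDP port 631 precaution described above on a host, the listener table can be checked for sockets bound beyond loopback. The following is an added example, not code from the original page or from the CUPS project; the function name `classify_udp631` and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify UDP/631 listeners found in `ss -uln` output.
# Reads ss output on stdin and prints one line per socket on port 631:
#   EXPOSED <local-addr>  bound to a wildcard or non-loopback address
#   LOCAL   <local-addr>  bound to loopback only
# Exit status: 0 = nothing exposed, 1 = at least one exposed listener.
classify_udp631() {
    awk '
    {
        # The local address is the first field containing a colon; this
        # holds with or without the Netid column and skips the header row.
        la = ""
        for (i = 1; i <= NF; i++) if (index($i, ":")) { la = $i; break }
        if (la == "") next
        n = split(la, p, ":")
        if (p[n] != "631") next
        addr = substr(la, 1, length(la) - 4)   # drop the trailing ":631"
        sub(/%.*$/, "", addr)                  # drop scope, e.g. %lo
        sub(/^\[/, "", addr); sub(/\]$/, "", addr)   # drop IPv6 brackets
        if (addr ~ /^127\./ || addr == "::1") {
            print "LOCAL " la
        } else {
            print "EXPOSED " la
            bad = 1
        }
    }
    END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample of `ss -uln` output (not captured from a real host).
SAMPLE_SS_OUTPUT='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0      0      0.0.0.0:631        0.0.0.0:*
UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
UNCONN 0      0      [::1]:631          [::]:*
UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*'

# Demo on the sample; on a live host use:  ss -uln | classify_udp631
printf '%s\n' "$SAMPLE_SS_OUTPUT" | classify_udp631 ||
    echo "UDP 631 is bound beyond loopback: disable cups-browsed or firewall the port"
```

A clean result here only shows that nothing is listening on UDP 631 beyond loopback; it does not confirm that the CUPS packages themselves are patched.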
Multiple vulnerabilities have been discovered in the Common Unix Printing System (CUPS), a core printing component for many Unix-like operating systems. These vulnerabilities, tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, could allow attackers to execute arbitrary commands on vulnerable systems, potentially leading to security breaches and data theft. The vulnerabilities stem from flaws in the handling of Internet Printing Protocol (IPP) requests, improper validation of IPP attributes, and inadequate sanitization of temporary files. Systems running CUPS, particularly those with the cups-browsed service exposed to the internet, are at risk. The impact of these vulnerabilities is considered major, as they allow for remote code execution, potentially leading to significant security compromises.
A critical vulnerability (CVE-2024-7120) has been discovered in the Common Unix Printing System (CUPS) software, affecting a wide range of Linux distributions. This vulnerability allows attackers to execute arbitrary code remotely without any authentication, potentially leading to a complete compromise of vulnerable systems. The vulnerability arises from CUPS’s handling of print jobs, where an attacker can exploit a flaw in its processing to gain unauthorized access and execute malicious code. This flaw is particularly concerning as it can be exploited remotely, allowing attackers to compromise systems without any user interaction. Organizations using CUPS are strongly advised to prioritize patching their systems with the latest security updates to mitigate this critical vulnerability. Failure to do so could result in significant data breaches, disruption of operations, and potential system control by malicious actors.
Several critical vulnerabilities have been identified in the CUPS printing system, which are being actively exploited by attackers. These vulnerabilities pose a significant risk to organizations, as they could allow attackers to gain remote code execution and control over affected systems. Bitsight has highlighted the importance of rapid detection and remediation of these vulnerabilities, emphasizing the need for organizations to implement effective security measures and stay informed about emerging threats. The company offers a solution for data security posture management (DSPM) that can help organizations identify and protect sensitive data, mitigating the risk of data exposure and breaches.