New vulnerabilities affect printing software on Linux and Unix
Briefly

"The first vulnerability exploits a default setting that allows print jobs to be accepted without authentication when the printer queue is shared. An attacker can send a specially crafted print job and thereby execute code on the system."
"The second vulnerability lies in CUPS's authorization handling, where a local user without elevated privileges can trick the system into connecting to a malicious print service, allowing files to be overwritten with root privileges."
"The techniques required to exploit these vulnerabilities are now relatively easy to implement, partly because sample code is publicly available and modern AI tools can quickly convert it into working attacks."
Security researchers identified two vulnerabilities in CUPS version 2.4.16, enabling remote code execution by attackers without credentials. The first vulnerability allows print jobs to be accepted without authentication, while the second involves tricking the system into connecting to a malicious print service. When combined, these vulnerabilities can grant full control to an external attacker. Although no official update is available, patches have been published. The ease of exploiting these vulnerabilities is concerning, especially with publicly available sample code and modern AI tools facilitating attacks.
Read at Techzine Global