Papercut says hackers are attempting to breach its network through two previously tracked security flaws.
The hacking campaign could affect over 100 million users in 75 countries.
-
The first vulnerability is tracked as
CVE-2023-27350
and has a 9.8 CVSS ranking.
- The flaw could allow hackers to remotely execute malicious code on a server without having login credentials.
- The second security flaw is tracked as CVE-2023-27351 and has a CVSS ranking of 8.2 out of 10.
- Papercut has recommended its users update their software to PaperCut MF and PaperCut NG versions 20.1.7, 21.2.11, and 22.0.9 and later.
- Some security reports claim that there are at least 1,800 exposed Papercut servers.
- While the threat actor responsible for this breach is unknown, analysts believe that the campaign may be tied to the Russia-backed hacker group Clog.
- The suspicions for this are based on the use of Truebot, which is often used by Clop .