Vulnerability

Information Security Office would like to inform you of a critical vulnerability (CVE-2023–27350) discovered and actively exploited in PaperCut NG/MF products. PaperCut NG/MF is a comprehensive print management system. Successful exploitation of this vulnerability could allow for unauthenticated, remote attackers to execute arbitrary code on the server in the context of the System user.

Add an Image or Video

Microsoft has released a patch for this vulnerability as part of their June 2022 Patch Tuesday release. The patch is available via Windows Update.

Please be advised of a critical, zero-day exploit, termed PrintNightmare, discovered in the Windows Print Spooler service that can result in privilege escalation and remote code execution when exploited. This can result in the full compromise of a system, and if leveraged against a domain controller, can be used to take control of the entire domain and propagate malware throughout the network.

Microsoft has released additional security patches related to Microsoft Exchange Server 2013, 2016, and 2019. These patches address additional vulnerabilities which could also allow remote code execution. Please see the updated Microsoft Tech Community article for more information.

---

Of the 120 bugs, Microsoft ranked 17 as “critical” and 103 as “important” vulnerabilities.

Five of the critical bugs (CVE-2020-1554, CVE-2020-1492, CVE-2020-1379, CVE-2020-1477 and CVE-2020-1525) are tied to Microsoft’s Windows Media Foundation (WMF), a multimedia framework and infrastructure platform for handling digital media in Windows 7 through Windows 10 and Windows Server 2008 through 2019. August’s bugs bring the number of critical bugs to ten, points out Allan Liska, senior security architect at Recorded Future.

Netlogon Remote Protocol (MS-NRPC) provides authentication for user and computer accounts in Windows active directory domain. A vulnerability in Netlogon Remote Protocol enables an unauthenticated attacker to impersonate a domain-joined computer and obtain domain administrator privileges.

The impact of this vulnerability is high.

A vulnerability has been discovered in F5 BIG-IP Edge Client for Windows, which could allow for remote code execution. F5's BIG-IP is a family of products covering software and hardware designed around application availability, access control, and security solutions. Successful exploitation of this vulnerability allows for remote unauthenticated attackers to execute arbitrary code in the context of the application used to browse a specially-crafted web-page. This vulnerability may result in complete system compromise

Multiple vulnerabilities have been discovered in GRUB2, the most severe of which could allow for complete system compromise. GRUB2 is a popular Linux bootloader that works with UEFI secure boot. A boot loader is a piece of software that is designed to load and hand over control to the operating system when the system is first turned on. UEFI secure boot is a verification method added to the boot up process used to verify binaries loaded during bootup against a list of known trusted binary files.

Multiple vulnerabilities have been discovered in Juniper products, the most severe of which could allow for remote code execution. Juniper is a vendor for IT, networking and cybersecurity solutions. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of the application, an attacker gaining the same privileges as the logged-on user, or the bypassing of security restrictions.