1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • CUPS open source printing system can be hacked to hijack your dev

    From TechnologyDaily@1337:1/100 to All on Fri Sep 27 16:30:05 2024
    CUPS open source printing system can be hacked to hijack your devices,
    experts warn

    Date:
    Fri, 27 Sep 2024 15:19:00 +0000

    Description:
    It's a difficult attack to pull off, but it can be done, researchers say.

    FULL STORY ======================================================================

    The Common UNIX Printing System, or CUPS, can be abused to run malicious code on vulnerable endpoints remotely, experts have warned.

    CUPS is an open-source printing system developed by Apple for Unix-like operating systems, including Linux and macOS. It provides a standardized way to manage print jobs and queues, supporting both local and network printers . CUPS uses the Internet Printing Protocol (IPP) as its primary protocol, allowing seamless printer discovery and job submission across networks. It also includes a web-based interface for managing printers, print jobs, and configurations.

    Cybersecurity researcher Simone Margaritelli of Evil Socket discovered a problem in the systems ability to discover new printers. As the researcher explains, CUPS has four vulnerabilities: CVE_2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177. These vulnerabilities, when chained together, allow threat actors to create a fake, malicious printer, and have CUPS discover it. Roadblocks to exploitation

    The moment a user tries to print something using this new device, a malicious command gets executed locally on their device.

    While it sounds like a major vulnerability, Red Hat deemed it important
    rather than critical, and this is mostly because there are many hoops to jump through, before the flaw can be exploited for RCE.

    The first, and biggest one, is that the component named cups-browsed daemon, which looks for shared printers on the local network and enables them for printing, needs to be turned on. The researcher said that sometimes its
    turned off by default, and sometimes its turned on.

    The second major hoop is making the victim pick the new printer that suddenly appeared out of nowhere, instead of their usual machine.

    Red Hat is currently working on a fix, so a patch is not yet available. However, the easy fix is to stop the cups-browsed service from running, and
    to prevent it from being started on reboot.

    Via BleepingComputer More from TechRadar Pro Microsoft says Russian hackers are exploiting an ancient printer security flaw Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cups-open-source-printing-system-can-be -hacked-to-hijack-your-devices-experts-warn


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)