Original Post: Zero-day RCE vulnerability found in CUPS – Common UNIX Printing System
On September 27, 2024, Simone Margaritelli from evilsocket.net disclosed several vulnerabilities in the Common UNIX Printing System (CUPS) that allow for arbitrary remote code execution (RCE). There are currently four associated CVEs, one of which has a CVSS score of 9.9. The vulnerabilities affect cups-browsed
, libcupsfilters
, cups-filters
, and libppd
, impacting all previous versions of these packages. These issues are significant only if the CUPS service is enabled and accessible through UDP port 631 or DNS-SD.
To mitigate these vulnerabilities, users are advised to assess if they need CUPS, deactivate it if unnecessary, or block access to the specified ports. Snyk provides tools to detect and monitor these vulnerabilities in both source code and container images. The Snyk platform uses various metrics to prioritize the remediation of these issues and offers detailed reports for tracking and managing vulnerabilities. Users can gain more information and support through Snyk’s community resources or by signing up for a free trial.
Go here to read the Original Post