CISA adds printer bug, Chrome zero-day and ChatGPT issue to exploited vulnerabilities catalog
The Cybersecurity and Infrastructure Security Agency (CISA) added an issue affecting a popular print management software tool to its list of exploited vulnerabilities on Friday.
PaperCut is a software company that produces print management software for Canon, Epson, Xerox, Brother and almost every other major printer brand. Its tools are widely used within government agencies, universities and large companies around the world.
But on Wednesday, the company published an urgent update to an advisory recommending companies install a patch for the vulnerability.
“We have evidence to suggest that unpatched servers are being exploited in the wild,” the company said. The company first published an advisory about the issue on March 8.
“If you suspect that your server has been compromised, we recommend taking server backups, then wiping the Application Server, and rebuilding the Application Server and restoring the database from a ‘safe’ backup point prior to when you discovered any suspicious behavior.”
CVE-2023-27350 was the more severe of the two, with a CVSS score of 9.8 out of 10. That vulnerability – which CISA added to its Known Exploited Vulnerabilities catalog on Friday – allows an unauthenticated attacker to remotely access victim systems without needing to log in anywhere.
PaperCut released a fix for the vulnerability last month and CISA gave federal civilian agencies until May 12 to install the patch.
The PaperCut vulnerability was one of three bugs added to CISA’s list on Friday. A zero-day vulnerability affecting Google Chrome – CVE-2023-2136 – was also added to the list after Google released a security update for the issue on Wednesday.
Google said it “is aware that an exploit for CVE-2023-2136 exists in the wild.” The vulnerability affects Skia, a tool used by the browser to render graphics, text, shapes, images, and animations.
The other vulnerability added, CVE-2023-28432, affects a tool called MinIO which is used widely for machine learning, analytics and more.
Threat intelligence company GreyNoise explained that the issue affects OpenAI’s popular ChatGPT tool. Last month, OpenAI added a new feature to the headline-grabbing tool that allows it to pull information from other sources.
“There are some concerns about the security of the example code provided by OpenAI for developers who want to integrate their plugins with the new feature,” GreyNoise’s Matthew Remacle said.
“While we have no information suggesting that any specific actor is targeting ChatGPT example instances, we have observed this vulnerability being actively exploited in the wild. When attackers attempt mass-identification and mass-exploitation of vulnerable services, ‘everything’ is in scope, including any deployed ChatGPT plugins that utilize this outdated version of MinIO.”
Like the PaperCut issue, both the Google and MinIO vulnerabilities need to be patched by federal civilian agencies by May 12.
Clarification (4/24/2023): This story has been updated to include information about PaperCut's original advisory.
Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.