The company, in a security bulletin, makes customers aware of two vulnerabilities found by 3rd party cyber security company Trend Micro.
The company confirms in its bulletin that it has found evidence that suggest that unpatched servers are being exploited in the wild. The vulnerabilities are named as:
- Remote Code Execution vulnerability (CVE-2023–27350 / ZDI-CAN-18987)
- User account data vulnerability (CVE-2023–27351 / ZDI-CAN-19226)
PaperCut said: “Our immediate advice is to upgrade your PaperCut Application Servers to one of the fixed versions listed below if you haven’t already.
If you suspect that your server has been compromised, we recommend taking server backups, then wiping the Application Server, and rebuilding the Application Server and restoring the database from a ‘safe’ backup point prior to when you discovered any suspicious behaviour.”
For a full list of products affected, please click here.
