Avatar
WalletScrutiny 1y ago

At least some 300,000 machines reachable on the internet are vulnerable to a remote code execution vulnerability that appears to be rather easy to execute on all of those.

The vulnerable package is cups-browsed - a tool for printing - which does get installed by default on many desktop linux systems but who knows ... maybe you are running some media server with your bitcoin wallet and your printer reachable via the same RaspberryPi?

Check your machines. Android appears not to run cups but if you run Linux or Mac, you might want to double-check if you're one of the lucky 300,000 that get to update their system **now**.

https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

Reply to this note

Please Login to reply.

Discussion

Avatar
Matt 1y ago

Is this actually confirmed or still speculation?

Avatar
Leo Wandersleb 1y ago

Oh, that is clearly confirmed. I have not read the whole post linked but it should contain all details needed to build an exploit. At this point there is no speculation anymore.

Avatar
Matt 1y ago

I didn't see the link the first time for some reason.