Multiple Vulnerabilities In PrinterLogic Software Could Allow Remote Code Execution

  •  
  •  
  •  
  • 1
  •  
  •  
  •  
    1
    Share

According to a recently released advisory, multiple security vulnerabilities have been spotted in PrinterLogic Print Management Software. As much as three different security vulnerabilities in PrinterLogic Software could allow remote code execution by a potential attacker.

PrinterLogic Software Vulnerabilities

A CERT/CC security advisory highlights three different vulnerabilities in PrinterLogic Software. These security flaws existed as the Print Management Software failed to validate the SSL certificate.

As stated in the advisory, these vulnerabilities could let an attacker execute remote codes.

“An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM privileges.”

The first of the three vulnerabilities (CVE-2018-5408) existed due to improper certificate validation.

“The PrinterLogic Print Management software does not validate, or incorrectly validates, the PrinterLogic management portal’s SSL certificate.”

This could allow an attacker to spoof a trusted entity by MiTM attacks.

The other vulnerability, CVE-2018-5409, could result in downloading a code without checking its origin or integrity. This could allow an attacker to perform DNS spoofing, compromise host server, or modify codes in transit.

The third vulnerability (CVE-2019-9505) occurred due to the software’s failure in sanitizing special characters.

“PrinterLogic Print Management software does not sanitize special characters allowing for remote unauthorized changes to configuration files.”

Patches To Arrive Shortly

The flaws allegedly affect all PrinterLogic Software versions including and before 18.3.1.96. All these software versions remain vulnerable to multiple attacks.

For now, no patches are available for the three bugs. Nonetheless, the users must ensure updating to the latest patched version as soon as it is available.

Meanwhile, users can apply security procedures to mitigate cyber threats, such as using ‘always-on’ VPN to prevent MiTM attacks. As recommended,

“Consider using ‘always on’ VPN to prevent some of the MITM scenarios and enforce application whitelisting on the endpoint to prevent the PrinterLogic agent from executing malicious code.”

Take your time to comment on this article.

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!