Strix
26.1K

CVE-2024-4712

HIGHCVSS 7.8/10EPSS 0.41%

Last modified

CVE-2024-4712 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead to local privilege escalation. Note: This CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.

Description

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead to local privilege escalation. Note: This CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.

Metrics

CVSS 3.1
7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.41%

32.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
PapercutPapercut Mf< 23.0.9
PapercutPapercut Ng< 23.0.9

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2024-4712?
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead to local privilege escalation. Note: This CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.
How severe is CVE-2024-4712?
CVE-2024-4712 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.41% probability of exploitation in the next 30 days.
How do I fix CVE-2024-4712?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-4712?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST