CVE-2024-47176
Published: 26 September 2024
Summary
CVE-2024-47176 is a medium-severity Binding to an Unrestricted IP Address (CWE-1327) vulnerability in Openprinting Cups-Browsed. Its CVSS base score is 5.3 (Medium).
Operationally, ranked in the top 0.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CUPS, the open-source printing system, is affected in its cups-browsed component, which provides network printing features such as auto-discovery of print services. The vulnerability stems from cups-browsed binding to INADDR_ANY:631, which causes it to trust packets from any source and issue Get-Printer-Attributes IPP requests to an arbitrary attacker-controlled URL. This issue is tracked under CWE-1327 and carries a CVSS 3.1 score of 5.3.
An unauthenticated attacker with network access can exploit the flaw by supplying a malicious printer definition. When combined with the related issues CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, the weakness enables remote arbitrary command execution on the target system simply by causing a print job to be processed against the attacker-controlled printer.
Public advisories published by the OpenPrinting project on GitHub detail the affected code in cups-browsed and the companion libraries cups-filters, libcupsfilters, and libppd. The current EPSS score of 0.8759 matches its recorded peak, indicating sustained exploitation interest following disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-42298
Vulnerability details
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause…
more
the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.