Visit our booth at CANSEC on May 27-28
Articles
·
No items found.
·
26.09.2024

Potential critical vulnerability in Linux (score of 9.9)

A critical security vulnerability (score of 9.9) has been discovered on Linux. The vulnerability concerns the Linux print server CUPS.

The following CVEs have been assigned to this vulnerability: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175 and CVE-2024-47177. Additional CVEs may be added.

 

What we know about the vulnerability

This vulnerability is of type RCE. Exploiting this type of vulnerability enables an attacker to remotely execute system code (computer program) that will impact the attacked system.

Note that the attacker does not need to be authenticated to exploit an RCE vulnerability. In other words, the attack can succeed even if you use a very complex password with the MFA to access the server containing the RCE vulnerability.

 

How to exploit the vulnerability

This RCE vulnerability can be exploited remotely via a UDP packet on port 631 without the attacker being authenticated, if port CUPS/631 is open on the Linux machine and is allowed in your firewall.

Vulnerable Linux versions

  • most GNU/Linux distributions
  • some BSD distributions.
  • Etc.

Details to follow.

 

Considerations for vulnerabilities with a score of 9.9

Since the vulnerability score is very high (9.9 on a scale of 10), this means that:

  • The vulnerability can be exploited remotely.
  • No authentication is required to exploit the vulnerability.
  • The attacker does not need to know the password of the attacked server.
  • The vulnerability can be easily exploited.
  • the impact on the attacked target can be major.

 

Recommendation

  • If you don't need it, disable/uninstall the cups-browsed service on your Linux machines. For example: for RedHat :  
    • to check whether the service is enabled: sudo systemctl status cups-browsed
    • to stop or disable the service: sudo systemctl stop cups-browsed or $ sudo systemctl disable cups-browsed
  • Update CUPS on your systems to the latest version (if you need this service)
  • Block incoming UDP communications to port 631 in your firewall (if you don't need CUPS to be externally accessible).

 

What Streamscan can do to protect you

If you're a Streamscan partner :

  • We have set up a crisis unit to monitor the evolution of this critical vulnerability. We will apply the appropriate response measures.
  • Our DRG/MDR security monitoring team remains vigilant in monitoring your network.

Next steps

  • Additional details are expected for this vulnerability. We will post an update when new information becomes available.

 

Articles
·
13.05.2026
The Myth of “Offsetting” Cybersecurity Investments
Data backup: if we're paying for better threat detection and response, shouldn't that reduce our exposure to incidents requiring recovery?
Articles
·
14.04.2026
2026-4-14 - Government of Canada introduces Level 1 of Canadian Program for Cyber Security Certification
Today, April 14, 2026, the Canadian federal government is officially launching the CPCSC Level 1 certification . It will be required for federal contracts starting in the summer of 2026. CPCSC Level 1 consists of 13controls.

Your security deserves a conversation

Contact us today
HomeOpen XDRStreamEnclaveEDRMDRIncident ResponseCMMC CertificationCPCSC CertificationPrivacy PolicyCookies Policy
PartnersAboutCareersBlogVideos and WebinarsToolsWhitepapersResearchCybersecurity StrategyPenetration TestsContact
Cutting-edge cybersecurity solutions tailored to organizations operating in complex environments.
StreamScan Your Cybersecurity Partner Logo
StreamScan needs the information you provide to us to send you our newsletter. You may unsubscribe from our communications at anytime. For more information, check out our Privacy Policy.