Lead Story | Critical — Active Exploitation · Ransomware Delivery · CISA KEV | IT Ops · Enterprise |
|
PaperCut CVE-2023-27351 Lands on CISA KEV in 2026 — The Patch Has Existed for Three Years and Lace Tempest Already Used It to Deliver Cl0p and LockBit
PaperCut NG/MF manages print across enterprise offices, university campuses, hospital networks, and government buildings. CISA added CVE-2023-27351 to its Known Exploited Vulnerabilities catalogue on April 20, 2026. The fix has been available since March 2023. The exploitation has not stopped.
PaperCut NG and MF are the print management platforms IT departments use to control, monitor, and charge-back printing across devices in enterprise offices, university campuses, hospital networks, and government buildings. They are managed by IT operations — not typically the security team — which means vulnerabilities in these platforms are precisely the kind that sit unpatched in environments where security oversight is thinner. CVE-2023-27351 is an improper authentication flaw in PaperCut’s SecurityRequestFilter class — the gate that determines which API requests require credentials and which do not. An unauthenticated remote attacker can bypass that gate and extract account data directly from the server: usernames, full names, email addresses, department and office information, hashed passwords from internal PaperCut accounts, and payment card data stored within the platform. The patch has been available since March 2023, fixed in versions 20.1.7, 21.2.11, and 22.0.9. CISA’s addition of CVE-2023-27351 to its Known Exploited Vulnerabilities catalogue on April 20, 2026 confirms that unpatched instances are still being actively targeted.
The exploitation history is severe. Microsoft Threat Intelligence attributed the original campaign in April 2023 to Lace Tempest — a Cl0p ransomware affiliate tracking as an overlap of FIN11 and TA505. Lace Tempest combined CVE-2023-27351 with CVE-2023-27350 (an unauthenticated RCE in PaperCut, CVSS 9.8): the auth bypass enumerated accounts and exposed credentials; the RCE established persistence, stole LSASS credential material, deployed a Cobalt Strike Beacon, and exfiltrated data through MegaSync before Cl0p encrypted. LockBit affiliates ran parallel campaigns against the same unpatched PaperCut deployments. Two years later, CISA’s KEV addition signals the same vulnerability is still generating access. Canadian IT teams running PaperCut across education, healthcare, and government — the three sectors where centralised print management is most deeply embedded — are directly in scope. Ontario universities, school boards, regional health authorities, and federal government departments are among the heaviest users of PaperCut in Canada.
→ Key Takeaway IT Ops teams: Identify every PaperCut NG and MF instance in your environment and check the version. Fixed versions are 20.1.7, 21.2.11, and 22.0.9 or later — anything older is vulnerable. Patch immediately. If patching is delayed, restrict PaperCut’s management interface to internal networks only and disable any guest-accessible endpoints. Review access logs for unexpected unauthenticated API requests since January 2025 as a sign of prior exploitation. If personal information stored in PaperCut was accessed — usernames, email addresses, hashed passwords — Canadian organisations face PIPEDA breach notification obligations: assess whether a real risk of significant harm exists and notify the Office of the Privacy Commissioner if it does. HARDENED does not endorse or recommend specific vendors. Tools are listed for awareness only. |
Quick Hits
| 01 |
Three Cisco Catalyst SD-WAN Manager CVEs Hit CISA KEV in 48 Hours — Chainable to Full Management Plane Compromise
CISA added three Cisco Catalyst SD-WAN Manager vulnerabilities to the KEV catalogue on April 20–21: CVE-2026-20122 (CVSS 5.4, unauthenticated API abuse enabling malicious file upload and vmanage privilege acquisition), CVE-2026-20128 (CVSS 7.5, passwords in recoverable format enabling local privilege escalation to DCA user level), and CVE-2026-20133 (CVSS 7.5, unauthenticated sensitive information disclosure). Cisco confirmed active exploitation of the first two in early March 2026. The three chain together — intelligence gathering via CVE-2026-20133, foothold via CVE-2026-20122, privilege escalation via CVE-2026-20128 — giving an attacker effective control of the WAN management plane. Organisations with the SD-WAN Manager UI or API exposed to untrusted networks should patch immediately; the U.S. federal agency deadline for CVE-2026-20133 is April 24.
| Critical — Active Exploitation · CISA KEV | Enterprise · IT Ops · Cloud+DevOps |
|
| 02 |
LogJack: Researchers Show Indirect Prompt Injection Via Cloud Logs Achieves RCE on 6 of 8 LLM Debugging Agents — Claude Sonnet 4.6 Fully Resisted Verbatim Execution
Cloud logs are untrusted data from potentially hostile sources — but LLM-assisted debugging and observability agents routinely treat them as trusted context. Researchers publishing arxiv preprint 2604.15368 (April 15, 2026) showed what that assumption costs: a malicious instruction embedded in a log entry rides into an agent’s context window and gets executed as a command. They named the technique LogJack and tested 42 payloads across five cloud log categories against eight foundation models. The failure rate was severe: six of the eight models executed curl | bash remote code execution payloads. Model choice proved decisive — Claude Sonnet 4.6 held at 0% verbatim command execution across all trials; Llama 3.3 70B executed malicious commands 86.2% of the time under active injection conditions. Any team running AI-assisted log triage, LLM-powered SIEM integration, or automated incident-response agents that ingest infrastructure logs is operating in this threat model now. arxiv.org/abs/2604.15368 →
| Intel — Action Required · AI Agent Risk | Dev · Cloud+DevOps |
|
CVE Watch
|
CVE Watch
CVE-2024-27199 (JetBrains TeamCity): Relative Path Traversal Allowing Limited Admin Actions — Added to CISA KEV April 20, CI/CD Pipeline Exposure in Scope
CVE-2024-27199 is a relative path traversal vulnerability in JetBrains TeamCity server rated CVSS 7.3. An unauthenticated attacker can reach certain TeamCity endpoints outside the intended path structure and perform what JetBrains describes as “limited admin actions.” In CI/CD environments, limited admin actions are not limited in practice: the ability to create users, modify build configurations, or inject steps into a pipeline translates directly to software supply chain compromise. CISA added CVE-2024-27199 to the KEV catalogue on April 20, 2026, confirming active exploitation in the wild. TeamCity is widely used across enterprise and mid-market software delivery teams, including in Canadian professional services, financial services, and government-adjacent technology organisations. Patch to 2023.11.4 immediately if you have not already done so; as a temporary measure, restrict TeamCity server access to internal networks or VPN only.
| Vendor: JetBrains (TeamCity) · CVE: CVE-2024-27199 · CVSS: 7.3 High · Affected: TeamCity On-Premises ≤ 2023.11.3 · Fix: 2023.11.4 · Exploitation: Confirmed in wild (CISA KEV Apr 20, 2026) |
|
Compliance Tip of the Day
|
NIST CSF 2.0 — PR.PS — Protect: Platform Security — PR.PS-01
PaperCut Has Had a Patch Since 2023. CISA Is Still Seeing Active Exploitation in 2026. That Gap Is a Configuration Baseline Problem.
PR.PS-01 under NIST CSF 2.0 requires that configuration baselines for hardware and software be established and maintained. The PaperCut story is a textbook consequence of the baseline not existing: a patch landed in March 2023, CISA confirmed active exploitation three years later, and the gap in between is filled by organisations that did not know what version they were running or did not treat a print management platform as something requiring a patching baseline. IT-managed infrastructure — print servers, asset management appliances, HR platforms, ticketing systems — is systematically under-patched because it sits outside the security team’s patch cycle. PR.PS-01 captures exactly these systems. Concrete action (PR.PS-01): Build or verify a software inventory for every IT-managed platform in your environment. For each one, record the current running version, the current vendor-released version, and the delta. Any platform with a KEV-confirmed CVE in a version you are running is a remediation-now priority, regardless of which team owns it. NIST CSF 2.0 reference: nist.gov/cyberframework.
|
On Our Radar
Everest Ransomware Claims 3.4 Million Banking Records — Citizens Bank, Frost Bank, and Others: The Everest ransomware cluster posted claims to its leak site on April 20, 2026 listing Citizens Bank, Frost Bank, and several other financial institutions as victims, with an alleged haul of 3.4 million banking records, 250,000+ Social Security Numbers, and unencrypted payment card data. Neither institution has publicly confirmed a breach. Everest has a documented pattern of inflating record counts to maximise extortion pressure; the FBI and CISA attribute the group to Russian ransomware ecosystems. Canadian financial institutions should treat the claims as a threat intelligence signal: Everest’s infrastructure and initial access techniques observed in U.S. financial sector campaigns have appeared in Canadian financial sector incidents. Review external exposure of customer data repositories and verify DLP controls are active on PII and SIN-equivalent databases.
LogJack Countermeasure Note (QH02 Follow-Through): Teams operating LLM-assisted log analysis pipelines should implement log sanitisation before content reaches any LLM context window: strip or escape instruction-formatted text patterns in log fields (e.g., lines beginning with “Instruction:”, “System:”, or structured JSON keys that shadow system prompt schema). Apply least-privilege to any agentic workflow that handles log data — a log-analysis agent should not hold credentials or permissions that would make code execution consequential even if it were induced. Model choice matters: the 0% verbatim execution rate for Claude Sonnet 4.6 in the LogJack paper reflects instruction hierarchy enforcement and should be a selection criterion when evaluating LLMs for autonomous log-processing tasks.
|
HARDENED | This newsletter does not constitute professional security advice. Security configurations and threat landscapes vary by organisation. Consult a qualified security professional for implementation guidance specific to your environment. How we work: HARDENED uses AI agents for research, drafting, and automation. Every issue is reviewed by humans before publication. If you spot an error, reply directly — we correct the record promptly. Sources: PaperCut Security Advisory (CVE-2023-27351), papercut.com/kb/Main/PO-1216-and-PO-1219 · Microsoft Threat Intelligence (Lace Tempest / PaperCut attribution, April 26, 2023), microsoft.com/en-us/security/blog · The Hacker News (PaperCut / LockBit / Cl0p), thehackernews.com/2023/04/microsoft-confirms-papercut-servers.html · CISA Known Exploited Vulnerabilities Catalogue (CVE-2023-27351, April 20, 2026), cisa.gov/known-exploited-vulnerabilities-catalog · Cisco Security Advisories (CVE-2026-20122, CVE-2026-20128, CVE-2026-20133), sec.cloudapps.cisco.com · CISA KEV (Cisco SD-WAN / April 20–21, 2026 additions), cisa.gov/known-exploited-vulnerabilities-catalog · BleepingComputer (Cisco SD-WAN KEV additions), bleepingcomputer.com · arXiv preprint 2604.15368 “LogJack: Indirect Prompt Injection Through Cloud Logs Against LLM Debugging Agents” (April 15, 2026), arxiv.org/abs/2604.15368 · Daily Dark Web / ransomware.live (Everest ransomware claims, April 20, 2026) · CISA KEV (CVE-2024-27199 JetBrains TeamCity, April 20, 2026), cisa.gov/known-exploited-vulnerabilities-catalog · JetBrains Security Bulletin (CVE-2024-27199), jetbrains.com/privacy-security/issues-fixed · NIST CSF 2.0 (PR.PS-01), nist.gov/cyberframework · OPC PIPEDA breach notification, priv.gc.ca |
|
