CISA adds Printer Bug, Chrome Zero-Day, and ChatGPT Issue to Known Exploited Vulnerability List
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerability list. These include a flaw in the popular printing management software, PaperCut, Google Chrome zero-day vulnerability, and a ChatGPT issue affecting machine learning tool, MinIO.
PaperCut Vulnerability
PaperCut is a widely used printing management software for almost every printer brand including Canon, Xerox, Epson, and Brother. The vulnerability, CVE-2023-27350, allows attackers to remotely access victim systems without any login credentials. PaperCut released a patch last month to fix this vulnerability. However, CISA has given federal civilian agencies until May 12 to install the patch.
Google Chrome Zero-Day Vulnerability
Google recently released a security update for CVE-2023-2136, a zero-day vulnerability affecting Skia, a tool used by the browser to render graphics, text, and images. This vulnerability has been exploited in the wild and affects all Chrome versions. Google urges users to update their systems to the latest version to prevent exploitation.
ChatGPT Issue
CVE-2023-28432, a flaw in the machine learning tool, MinIO, has been exploited in the wild and affects OpenAI's ChatGPT. GreyNoise reported concerns about the security of the example code provided by OpenAI for developers wanting to integrate their plugins with the new feature. CISA has given federal civilian agencies until May 12 to patch this vulnerability.
It is crucial to keep your systems up-to-date to prevent exploitation. Stay safe and keep your vulnerability patching on schedule.
