| Technology: | Office applications |
2025: Addressing the CVE-2024-28059 Vulnerability
PT SWARM expert Arseniy Sharoglazov discovered vulnerability CVE-2024-28059 (BDU:2024-01648) in the centralized print management system printers and MyQ Print Server. This ON is installed on and servers Windows controlled by printers scanners and various manufacturers in the organization, providing a single interface to access them. MyQ solutions are used in 140. countries of the world Vendor was notified of the threat as part of the responsible disclosure policy and issued an update. This was Positive Technologies reported on January 30, 2025.
 | The vulnerability is of the most dangerous type - it allowed an attacker to remotely execute arbitrary code without authentication. Only one request was required for operation. An attacker could gain full access to the MyQ Print Server and intercept confidential documents going to print, user passwords and other information. The MyQ system is usually hosted on the company's internal network, but if an attacker discovered a vulnerability in any other product on the perimeter that could fake a request on the server side, then he could compromise MyQ Print Server, even if this system is not directly displayed on the Internet, - said Arseniy Sharoglazov, expert at PT SWARM. |  |
The CVE-2024-28059 (BDU:2024-01648) vulnerability contained versions of MyQ Print Server 8.2 Patch 42 and below. The installation of MyQ Print Server 8.2 Patch 43 allows you to fix the security problem.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |