CVSS 3.1 Score 6.4 of 10 (medium)


Published Nov 14, 2023
Updated: Nov 21, 2023
CWE ID 269


CVE-2023-6006 is a vulnerability that affects PaperCut NG installations. This vulnerability allows local attackers to escalate privileges by writing into the C Drive and having admin privileges or encountering a misconfigured system. The vulnerability resides in the pc-pdl-to-image process, which loads an executable from an unsecured location. Exploiting this flaw could allow an attacker to execute arbitrary code with SYSTEM-level privileges. It is important for organizations using PaperCut NG to ensure that Print Archiving is enabled and configured properly to mitigate this vulnerability. The severity of this vulnerability is rated as MEDIUM, with high impact on integrity and confidentiality, and a CVSS score of 6.4 out of 10.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-6006 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options