PaperCut Print Deploy contains a high-severity insecure process execution vulnerability that could permit local attackers to escalate privileges.

The vulnerability resides in the pc-printer-updater process, which fails to securely handle process execution. This flaw typically allows a local user with lower-level access to execute commands with elevated system privileges.

The CVSS score of 7.3 highlights the danger of local privilege escalation within an enterprise print environment. Successful exploitation could lead to full system compromise, allowing an attacker to move laterally across the network or gain persistent access to the host server.

Immediate Action: Apply the latest security updates provided by PaperCut to the Print Deploy component.

Proactive Monitoring: Monitor system logs for suspicious process spawning or unauthorized execution attempts related to the print updater service.

Compensating Controls: Restrict local user access to the print server and enforce the principle of least privilege for all service accounts.

Public Exploit Available: false

Given the risk of privilege escalation, administrators should treat this vulnerability with high urgency. Patching the pc-printer-updater is critical to preventing unauthorized system-level access and maintaining the integrity of the print management infrastructure.