DDoS attacks possible with exploitation of CUPS vulnerabilities

Threat actors could exploit four recently discovered vulnerabilities impacting the Common UNIX Printing System to facilitate significant distributed denial-of-service attacks, according to The Record, a news site by cybersecurity firm Recorded Future.

Nearly 34% of over 198,000 internet-exposed devices affected by the CUPS flaws, tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, could be leveraged for DDoS attacks, which involve the delivery of a packet designating a target as an additional printer, an analysis from Akamai's Security Intelligence and Response Team showed. "For each packet sent, the vulnerable CUPS server will generate a larger and partially attacker-controlled IPP/HTTP request directed at the specified target. As a result, not only is the target affected, but the host of the CUPS server also becomes a victim, as the attack consumes its network bandwidth and CPU resources," said Akamai Principal Security Researcher Larry Cashdollar. Such a development comes after a similar exploitation of CUPS bugs in exposed UNIX systems was reported by Risky Biz.