CUPS is installed on the majority of desktop systems. One of the listed CVEs indicates that port 631 is by default open to the local network, so if you connect to any shared network (public WiFi, work/school network, even your home network if another compromised device gets connected to it) you're exposed. Or a browser flaw or other vulnerability could be exploited to forward a packet to that port.

In other words: While access to port 631 is required first, the severity of the vulnerability lies in how damn easy it is to take over a system after that. And the system can be re-compromised any time you print something, making this a persistent vector.

[–] curbstickle@lemmy.dbzer0.com -1 points 1 year ago (1 children)

Yes.

Its nowhere near the risk that was claimed.

[–] Toes@ani.social 0 points 1 year ago (2 children)

Basically an unauthenticated perl interpreter with root open to the network by default in most configurations across a couple decades.

It's about as bad as it can be?

[–] progandy@feddit.org 1 points 1 year ago

Is it common for cups to run as root? It should have its own user, but that is still not good.

[–] curbstickle@lemmy.dbzer0.com -1 points 1 year ago

Compared to the original claim that it was kernel level and spread across literally everything?

No, no its not as bad as it was originally claimed.

Is it bad? Yes. Is it kernel level bad? No. It can easily be mitigated before a fix is out by blocking 631 and dns-sd traffic. It is not as bad as it was claimed to be.