PatchSiren cyber security CVE debrief
CVE-2023-27351 PaperCut CVE debrief
CVE-2023-27351 is the official identifier for an improper authentication vulnerability in PaperCut NG/MF. CISA added it to the Known Exploited Vulnerabilities catalog and marked known ransomware campaign use as Known, which makes this an urgent remediation item rather than a routine patch cycle issue. Follow vendor mitigation guidance, use CISA’s required-action guidance for cloud services where applicable, and discontinue use if mitigations are unavailable.
- Vendor
- PaperCut
- Product
- NG/MF
- CVSS
- Unknown
- CISA KEV
- Listed
- Original CVE published
- 2026-04-20
- Original CVE updated
- 2026-04-20
- Advisory published
- 2026-04-20
- Advisory updated
- 2026-04-20
Who should care
Organizations running PaperCut NG/MF, especially security, IT operations, patch management, and vulnerability management teams responsible for remediation and exposure reduction.
Technical summary
The supplied official sources identify CVE-2023-27351 as an improper authentication vulnerability affecting PaperCut NG/MF. The corpus does not provide deeper technical detail, but the CISA KEV listing confirms it is considered actively exploited and includes known ransomware campaign use as part of the risk context.
Defensive priority
Urgent
Recommended defensive actions
- Apply mitigations per the vendor’s instructions for PaperCut NG/MF.
- If you use cloud services, follow the applicable CISA BOD 22-01 guidance referenced by CISA.
- If mitigations are unavailable or cannot be verified, discontinue use of the product.
- Confirm whether your PaperCut NG/MF deployment is exposed and prioritize remediation before the KEV due date.
- Validate remediation status against the official CVE, NVD, and CISA KEV records.
Evidence notes
CISA’s KEV catalog entry for CVE-2023-27351 lists PaperCut NG/MF, sets a due date of 2026-05-04, and marks known ransomware campaign use as Known. The official CVE and NVD records confirm the identifier and vulnerability entry, while the supplied corpus does not include deeper exploit mechanics or vendor advisory text beyond the referenced mitigation note.
Official resources
-
CVE-2023-27351 CVE record
CVE.org
-
CVE-2023-27351 NVD detail
NVD
-
CISA Known Exploited Vulnerabilities catalog
CISA - Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
-
Source item URL
cisa_kev
Publicly documented by the official CVE record, NVD, and CISA’s Known Exploited Vulnerabilities catalog. CISA added the issue to KEV on 2026-04-20 and set a remediation due date of 2026-05-04.