How to fix CVE-2025-58060?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Audit authentication configurations and rotate any potentially compromised credentials.

Is Cups affected by CVE-2025-58060?

Organizations using OpenPrinting CUPS face notable risk from CVE-2025-58060, a improper authentication vulnerability rated CVSS 8.0. Attackers could bypass security controls to gain unauthorized access to protected resources and sensitive data.

CVE-2025-58060

HIGH

2025-09-11 [email protected]

8.0

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:11 vuln.today

Patch Released

Mar 28, 2026 - 19:11 nvd

Patch available

PoC Detected

Nov 04, 2025 - 22:16 vuln.today

Public exploit code

CVE Published

Sep 11, 2025 - 18:15 nvd

HIGH 8.0

Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.

Analysis

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Technical Context

This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue. Affected products include: Openprinting Cups. Version information: Version 2.4.13.

Affected Products

Openprinting Cups.

Remediation

A vendor patch is available. Apply the latest security update as soon as possible. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +40

POC: +20

Vendor Status

CVE-2025-58060 vulnerability details – vuln.today

Back

CVE-2025-58060

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Share

CVE-2025-58060

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Share

External POC / Exploit Code