Skip to main content
Skip table of contents

ISN 2025-41: CUPS Vulnerability

First published 1 October 2025

CVSS:3.1: 8.8 (High)

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Summary

A security vulnerability has been found in CUPS, an open-source printing system used in IGEL OS. This affects the following product versions:

  • IGEL OS 12

  • IGEL OS 11

Details

It has been found that CUPS suffers from an authentication bypass: If the AuthType is set to anything but Basic, and the request contains an `Authorization: Basic ...` header, the password is not checked. This is tracked as CVE-2025-58060 and rated as high.

Update Instructions

  • OS 12: Update to the IGEL OS base system app in version 12.7.3 or newer when available from the IGEL App Portal.

  • OS 11: Update to IGEL OS version 11.11.100 when available.

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close