Arbitrary Code Execution Vulnerability in Canon ImageCLASS Printers
CVE-2022-24674

8.8 HIGH

Key Information:

Vendor: Canon
CVE Published: 28 March 2023

What is CVE-2022-24674?

This vulnerability affects the Canon imageCLASS MF644Cdw printer and allows network-adjacent attackers to execute arbitrary code without authentication. The flaw is in the privet API, which does not properly validate the length of user-supplied data. An attacker can exploit this against a fixed-length stack-based buffer to execute code with root privileges, compromising the device and potentially affecting the network it operates on. For more information, refer to the advisory by the Zero Day Initiative and Canon's official support page.

Affected Version(s)

imageCLASS MF644Cdw 10.02

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

CVSS V3.0

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Nicolas Devillers (@nikaiw), Jean-Romain Garnier and Raphael Rigo (@_trou_)