Buffer Overflow Vulnerability in Canon Multifunction Printers
CVE-2023-0852

9.8CRITICAL

Key Information:

Summary

A buffer overflow vulnerability has been identified in the Address Book function of Office and Small Office Multifunction Printers and Laser Printers manufactured by Canon. An attacker on the same network segment could exploit this weakness, potentially leading to the device becoming unresponsive or allowing arbitrary code execution. This vulnerability affects several printer models sold across various regions, including Japan, the United States, and Europe, particularly those running firmware version 11.04 or earlier.

Affected Version(s)

Canon Office/Small Office Multifunction Printers and Laser Printers Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.