Buffer Overflow in Canon Office Multifunction Printers and Laser Printers
CVE-2023-0856

9.8CRITICAL

Key Information:

Summary

A vulnerability has been identified in Canon's Office Multifunction Printers and Laser Printers due to a buffer overflow in the IPP sides attribute processing. This flaw may allow an attacker on the same network segment to potentially disrupt the functionality of the affected printers or execute arbitrary code. This issue impacts several models within the Satera, Color imageCLASS, and i-SENSYS product lines, particularly those with firmware version 11.04 and earlier. Users are advised to review guidance provided by Canon for effective remediation steps.

Affected Version(s)

Canon Office/Small Office Multifunction Printers and Laser Printers Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.