Sensitive Information Disclosure in Canon IJ Network Tool for macOS
CVE-2023-1764
6.5MEDIUM
Summary
The Canon IJ Network Tool, versions 4.7.5 and earlier, supports various macOS versions and contains a vulnerability that allows attackers to access sensitive information regarding the Wi-Fi connection setup of connected printers. This security flaw arises from insecure communications within the software, enabling unauthorized users to potentially intercept vital configuration details.
Affected Version(s)
Canon IJ NW Tool Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8)
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved