Lucene search

F98c90f0-e9bd-4fa7-911b-51993f3571fdCVE-2023-0852

HistoryMay 11, 2023 - 1:15 p.m.

CVE-2023-0852

2023-05-1113:15:11

CWE-787

CWE-121

f98c90f0-e9bd-4fa7-911b-51993f3571fd

web.nvd.nist.gov

cve-2023-0852

buffer overflow

address book

mobile device

printers

security vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.5%

JSON

Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.

Affected configurations

NVD

Node

canonmf642cdw_firmwareRange≤11.04

AND

canonmf642cdwMatch-

Node

canonmf644cdw_firmwareRange≤11.04

AND

canonmf644cdwMatch-

Node

canonmf741cdw_firmwareRange≤11.04

AND

canonmf741cdwMatch-

Node

canonmf743cdw_firmwareRange≤11.04

AND

canonmf743cdwMatch-

Node

canonmf745cdw_firmwareRange≤11.04

AND

canonmf745cdwMatch-

Node

canonlbp621c_firmwareRange≤11.04

AND

canonlbp621cMatch-

Node

canonlbp622c_firmwareRange≤11.04

AND

canonlbp622cMatch-

Node

canonlbp661c_firmwareRange≤11.04

AND

canonlbp661cMatch-

Node

canonlbp662c_firmwareRange≤11.04

AND

canonlbp662cMatch-

Node

canonlbp664c_firmwareRange≤11.04

AND

canonlbp664cMatch-

Node

canonmf1127c_firmwareRange≤11.04

AND

canonmf1127cMatch-

Node

canonmf262dw_ii_firmwareRange≤11.04

AND

canonmf262dw_iiMatch-

Node

canonmf264dw_ii_firmwareRange≤11.04

AND

canonmf264dw_iiMatch-

Node

canonmf267dw_ii_firmwareRange≤11.04

AND

canonmf267dw_iiMatch-

Node

canonmf269dw_ii_firmwareRange≤11.04

AND

canonmf269dw_iiMatch-

Node

canonmf269dw_vp_ii_firmwareRange≤11.04

AND

canonmf269dw_vp_iiMatch-

Node

canonmf272dw_firmwareRange≤11.04

AND

canonmf272dwMatch-

Node

canonmf273dw_firmwareRange≤11.04

AND

canonmf273dwMatch-

Node

canonmf275dw_firmwareRange≤11.04

AND

canonmf275dwMatch-

Node

canonmf641cw_firmwareRange≤11.04

AND

canonmf641cwMatch-

Node

canonmf746cdw_firmwareRange≤11.04

AND

canonmf746cdwMatch-

Node

canonlbp122dw_firmwareRange≤11.04

AND

canonlbp122dwMatch-

Node

canonlbp1127c_firmwareRange≤11.04

AND

canonlbp1127cMatch-

Node

canonlbp622cdw_firmwareRange≤11.04

AND

canonlbp622cdwMatch-

Node

canonlbp623cdw_firmwareRange≤11.04

AND

canonlbp623cdwMatch-

Node

canonlbp664cdw_firmwareRange≤11.04

AND

canonlbp664cdwMatch-

Node

canonimageprograf_tc-20_firmwareRange≤11.04

AND

canonimageprograf_tc-20Match-

Node

canonimageprograf_tc-20m_firmwareRange≤11.04

AND

canonimageprograf_tc-20mMatch-

Node

canonpixma_g3270_firmwareRange≤11.04

AND

canonpixma_g3270Match-

Node

canonpixma_g4270_firmwareRange≤11.04

AND

canonpixma_g4270Match-

Node

canonmaxify_gx3020_firmwareRange≤11.04

AND

canonmaxify_gx3020Match-

Node

canonmaxify_gx4020_firmwareRange≤11.04

AND

canonmaxify_gx4020Match-

Node

canoni-sensys_lbp621cw_firmwareRange≤11.04

AND

canoni-sensys_lbp621cwMatch-

Node

canoni-sensys_lbp623cdw_firmwareRange≤11.04

AND

canoni-sensys_lbp623cdwMatch-

Node

canoni-sensys_lbp633cdw_firmwareRange≤11.04

AND

canoni-sensys_lbp633cdwMatch-

Node

canoni-sensys_lbp664cx_firmwareRange≤11.04

AND

canoni-sensys_lbp664cxMatch-

Node

canoni-sensys_mf641cw_firmwareRange≤11.04

AND

canoni-sensys_mf641cwMatch-

Node

canoni-sensys_mf643cdw_firmwareRange≤11.04

AND

canoni-sensys_mf643cdwMatch-

Node

canoni-sensys_mf645cx_firmwareRange≤11.04

AND

canoni-sensys_mf645cxMatch-

Node

canoni-sensys_mf742cdw_firmwareRange≤11.04

AND

canoni-sensys_mf742cdwMatch-

Node

canoni-sensys_mf744cdw_firmwareRange≤11.04

AND

canoni-sensys_mf744cdwMatch-

Node

canoni-sensys_mf746cx_firmwareRange≤11.04

AND

canoni-sensys_mf746cxMatch-

Node

canoni-sensys_x_c1127i_firmwareRange≤11.04

AND

canoni-sensys_x_c1127iMatch-

Node

canoni-sensys_x_c1127if_firmwareRange≤11.04

AND

canoni-sensys_x_c1127ifMatch-

Node

canoni-sensys_x_c1127p_firmwareRange≤11.04

AND

canoni-sensys_x_c1127pMatch-

CPENameOperatorVersion
canon:mf642cdw_firmwarecanon mf642cdw firmwarele11.04

CPE	Name	Operator	Version
canon:mf642cdw_firmware	canon mf642cdw firmware	le	11.04

CNA Affected

[
  {
    "vendor": "Canon Inc.",
    "product": "Canon Office/Small Office Multifunction Printers and Laser Printers",
    "versions": [
      {
        "version": "Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.",
        "status": "affected"
      }
    ]
  }
]

References

canon.jp/support/support-info/230414vulnerability-response

psirt.canon/advisory-information/cp2023-001/

www.canon-europe.com/support/product-security-latest-news/

www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.5%

JSON

Related for CVE-2023-0852