Lucene search

F98c90f0-e9bd-4fa7-911b-51993f3571fdCVE-2024-0244

HistoryFeb 06, 2024 - 1:15 a.m.

CVE-2024-0244

2024-02-0601:15:09

CWE-787

f98c90f0-e9bd-4fa7-911b-51993f3571fd

web.nvd.nist.gov

cve-2024-0244

buffer overflow

cpca pcfax

multifunction printers

laser printers

security vulnerability

firmware

office equipment

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.8%

JSON

Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.:Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS MF750C Series/Color imageCLASS X MF1333C firmware v03.07 and earlier sold in US. i-SENSYS MF754Cdw/C1333iF firmware v03.07 and earlier sold in Europe.

Affected configurations

NVD

Node

canoni-sensys_mf754cdwMatch-

AND

canoni-sensys_mf754cdw_firmwareRange≤03.07

Node

canoni-sensys_x_c1333ifMatch-

AND

canoni-sensys_x_c1333if_firmwareRange≤03.07

Node

canonmf755cdwMatch-

AND

canonmf755cdw_firmwareRange≤03.07

Node

canonmf753cdwMatch-

AND

canonmf753cdw_firmwareRange≤03.07

Node

canonmf751cdwMatch-

AND

canonmf751cdw_firmwareRange≤03.07

Node

canonmf1333cMatch-

AND

canonmf1333c_firmwareRange≤03.07

Node

canonlbp1333cMatch-

AND

canonlbp1333c_firmwareRange≤03.07

CPENameOperatorVersion
canon:i-sensys_mf754cdw_firmwarecanon i-sensys mf754cdw firmwarele03.07

CPE	Name	Operator	Version
canon:i-sensys_mf754cdw_firmware	canon i-sensys mf754cdw firmware	le	03.07

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Satera MF750C Series",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Color imageCLASS MF750C Series",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Color imageCLASS X MF1333C",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "i-SENSYS MF754Cdw",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "C1333iF",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  }
]

References

canon.jp/support/support-info/240205vulnerability-response

psirt.canon/advisory-information/cp2024-001/

www.canon-europe.com/support/product-security-latest-news/

www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.8%

JSON

Related for CVE-2024-0244