CVE-2023-0853

🗓️ 11 May 2023 00:00:00Reported by CanonType

Buffer overflow in mDNS NSEC record registering process of certain Office / Small Office Printers, allowing network attacker to render unresponsive or execute code

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the mDNS processing routines in Canon’s printer microprogramming systems of the imageCLASS D, imageCLASS MF, imageCLASS LBP, imagePROGRAF, PIXMA, MAXIFY series allows a hacker to execute arbitrary code.	6 Dec 202300:00	–	bdu_fstec
Circl	CVE-2023-0853	11 May 202316:15	–	circl
CNNVD	多款Canon产品缓冲区错误漏洞	11 May 202300:00	–	cnnvd
CVE	CVE-2023-0853	11 May 202300:00	–	cve
EUVD	EUVD-2023-12851	3 Oct 202520:07	–	euvd
NVD	CVE-2023-0853	11 May 202313:15	–	nvd
Prion	Buffer overflow	11 May 202313:15	–	prion
Positive Technologies	PT-2023-7445 · Canon · I-Sensys Mf640C Series +10	4 May 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-0853	23 May 202505:41	–	redhatcve
Vulnrichment	CVE-2023-0853	11 May 202300:00	–	vulnrichment

[
  {
    "vendor": "Canon Inc.",
    "product": "Canon Office/Small Office Multifunction Printers and Laser Printers",
    "versions": [
      {
        "version": "Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.",
        "status": "affected"
      }
    ]
  }
]

Source	Link
usa	www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow
canon-europe	www.canon-europe.com/support/product-security-latest-news/
canon	www.canon.jp/support/support-info/230414vulnerability-response
psirt	www.psirt.canon/advisory-information/cp2023-001/

11 May 2023 00:00Current

10High risk

Vulners AI Score10

CVSS 3.19.8

EPSS0.00512

CWE-121