Lucene search

CanonVULNRICHMENT:CVE-2023-6234

HistoryFeb 06, 2024 - 12:23 a.m.

CVE-2023-6234

2024-02-0600:23:28

CWE-787

Canon

github.com

buffer overflow

cpca

color lut

office multifunction printers

laser printers

network segment

arbitrary code

firmware

satera lbp670c series

satera mf750c series

color imageclass lbp674c

color imageclass x lbp1333c

color imageclass mf750c series

color imageclass x mf1333c series

i-sensys lbp673cdw

c1333p

i-sensys mf750c series

c1333i series

japan

europe

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.1%

JSON

Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Satera LBP670C Series",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Satera MF750C Series",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Color imageCLASS LBP674C",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Color imageCLASS X LBP1333C",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Color imageCLASS MF750C Series",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Color imageCLASS X MF1333C Series",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "i-SENSYS LBP673Cdw",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "C1333P",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "i-SENSYS MF750C Series",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "C1333i Series",
    "vendor": "Canon Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "03.07 and earlier"
      }
    ]
  }
]

References

canon.jp/support/support-info/240205vulnerability-response

psirt.canon/advisory-information/cp2024-001/

www.canon-europe.com/support/product-security-latest-news/

www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers