Kritphong Mongkhonvanit

**Name of the Vulnerable Software and Affected Versions** sane-backends version 1.0.25 **Description** The issue is related to insufficient protection of internal data in the sane-backends package. It can be exploited by a remote attacker using a specially crafted SANE NET CONTROL OPTION packet to compromise data confidentiality. This may allow the attacker to obtain sensitive memory information. **Recommendations** For version 1.0.25, consider restricting access to the `SANE NET CONTROL OPTION` packet to minimize the risk of exploitation until a patch is available.