CVE-2023-0858

Name of the Vulnerable Software and Affected Versions Canon Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series versions 11.04 and earlier Canon Color imageCLASS LBP660C Series/LBP620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C versions 11.04 and earlier Canon i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series/C1127P/C1127iF/C1127i versions 11.04 and earlier

Description The issue is related to improper authentication of the RemoteUI in certain Canon office and small office multifunction printers and laser printers. This may allow an attacker on the network segment to trigger unauthorized access to the product.

Recommendations For Canon Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series versions 11.04 and earlier, update the firmware to a version later than 11.04. For Canon Color imageCLASS LBP660C Series/LBP620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C versions 11.04 and earlier, update the firmware to a version later than 11.04. For Canon i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series/C1127P/C1127iF/C1127i versions 11.04 and earlier, update the firmware to a version later than 11.04. As a temporary workaround, consider restricting access to the RemoteUI until a patch is available.