PT-2023-6482 · Canon · Canon Imageclass Series

Published: 2023-04-14 · Updated: 2023-05-20 · CVE-2023-0856

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Canon imageCLASS series versions prior to firmware Ver.11.04
Canon Office / Small Office Multifunction Printers and Laser Printers versions prior to firmware Ver.11.04

Description

The issue is a buffer overflow in the processing of the IPP sides attribute, which may allow an attacker on the network segment to make the affected product unresponsive or to execute arbitrary code. It results from a vulnerability in the implementation of the Internet Printing Protocol (IPP) in the firmware of Canon printers.

Recommendations

For Canon imageCLASS series with firmware Ver.11.04 and earlier, update the firmware to a version later than Ver.11.04. For Canon Office / Small Office Multifunction Printers and Laser Printers with firmware Ver.11.04 and earlier, update the firmware to a version later than Ver.11.04. As a temporary workaround, consider restricting access to the IPP protocol until a patch is available.
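
For defenders who filter or inspect IPP traffic in front of unpatched devices, the following added example (not code from this advisory or from Canon's firmware) walks the RFC 8010 attribute encoding of a request and reports any sides attribute that is truncated or is not one of the three RFC 8011 keywords. The names check_sides and sample_request are hypothetical, and the sample requests are constructed for illustration.

```python
import struct

KEYWORD_TAG = 0x44        # RFC 8010 value-tag for the 'keyword' syntax
END_OF_ATTRIBUTES = 0x03  # RFC 8010 end-of-attributes-tag
SIDES_VALUES = {b"one-sided", b"two-sided-long-edge", b"two-sided-short-edge"}  # RFC 8011

def check_sides(request):
    """Return a list of findings about 'sides' attributes in one IPP request."""
    findings, pos, current = [], 8, b""   # skip version, operation-id, request-id
    while pos < len(request):
        tag = request[pos]
        pos += 1
        if tag == END_OF_ATTRIBUTES:
            return findings
        if tag < 0x10:                    # delimiter tag: a new attribute group
            current = b""
            continue
        try:
            (name_len,) = struct.unpack_from(">H", request, pos)
            name = request[pos + 2 : pos + 2 + name_len]
            (value_len,) = struct.unpack_from(">H", request, pos + 2 + name_len)
            pos += 4 + name_len + value_len
            value = request[pos - value_len : pos]
        except struct.error:
            return findings + ["attribute truncated"]
        if pos > len(request):            # never trust a declared length
            return findings + ["declared length exceeds request size"]
        if name_len:                      # name-length 0 means "another value
            current = name                # of the previous attribute"
        if current == b"sides":
            if tag != KEYWORD_TAG:
                findings.append(f"sides has value-tag 0x{tag:02x}, expected keyword")
            elif value not in SIDES_VALUES:
                findings.append(f"sides value of {value_len} bytes is not an RFC 8011 keyword")
    return findings + ["missing end-of-attributes-tag"]

def _attr(tag, name, value):
    return (bytes([tag]) + struct.pack(">H", len(name)) + name
            + struct.pack(">H", len(value)) + value)

def sample_request(sides_value):
    """Constructed Print-Job request (IPP 2.0) carrying the given sides value."""
    head = struct.pack(">HHI", 0x0200, 0x0002, 1)
    op = b"\x01" + _attr(0x47, b"attributes-charset", b"utf-8") \
                 + _attr(0x48, b"attributes-natural-language", b"en")
    job = b"\x02" + _attr(KEYWORD_TAG, b"sides", sides_value)
    return head + op + job + bytes([END_OF_ATTRIBUTES])
```
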

Fix

Stack Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2023-07216
CVE-2023-0856
ZDI-23-556

Affected Products

Canon Office / Small Office Multifunction Printers/Laser Printers
Canon Imageclass Series