PT-2023-7444 · Canon · Canon Pixma+6

Chi Tran · Published 2023-05-04 · Updated 2023-09-12 · CVE-2023-0855

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Canon imageCLASS series versions prior to firmware Ver.11.04
Canon LBP series versions prior to firmware Ver.11.04
Canon MF series versions prior to firmware Ver.11.04
Canon i-SENSYS series versions prior to firmware Ver.11.04
Canon PIXMA series (affected versions not specified)
Canon MAXIFY series (affected versions not specified)
Canon imagePROGRAF series (affected versions not specified)

Description

A buffer overflow in the IPP number-up attribute process of Canon printers may allow an attacker on the network segment to cause the affected product to become unresponsive or to execute arbitrary code. This can be exploited by a remote attacker.

Recommendations

For Canon imageCLASS series versions prior to firmware Ver.11.04, update to firmware Ver.11.05 or later.
For Canon LBP series versions prior to firmware Ver.11.04, update to firmware Ver.11.05 or later.
For Canon MF series versions prior to firmware Ver.11.04, update to firmware Ver.11.05 or later.
For Canon i-SENSYS series versions prior to firmware Ver.11.04, update to firmware Ver.11.05 or later.
For Canon PIXMA, MAXIFY, and imagePROGRAF series, there is currently no information about a newer version that contains a fix for this vulnerability.

Stack Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2023-08483
CVE-2023-0855
ZDI-23-555

Affected Products

Canon LBP
Canon MAXIFY
Canon MF
Canon PIXMA
Canon i-SENSYS
Canon imageCLASS
Canon imagePROGRAF