PT-2023-7446 · Canon · Canon Satera Mf640C Series +15

Le Tran Hai Tung +1 · Published 2023-05-04 · Updated 2023-09-12 · CVE-2023-0851

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Canon imageCLASS series versions prior to firmware Ver.11.04
Canon imageCLASS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series versions prior to firmware Ver.11.04
Canon i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series versions prior to firmware Ver.11.04
Canon Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series versions prior to firmware Ver.11.04
Canon PIXMA, MAXIFY, and imagePROGRAF versions (affected versions not specified)

Description

The issue is a buffer overflow in the CPCA Resource Download process of Canon printers, which may allow an attacker on the same network segment to cause the affected product to become unresponsive or to execute arbitrary code. The vulnerability is also associated with the cmNetBiosParseName function and with the resourceStart2 and setResource functions in the CADM module.

Recommendations

For Canon imageCLASS series versions prior to firmware Ver.11.04: Update to firmware Ver.11.05 or later.
For Canon imageCLASS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series versions prior to firmware Ver.11.04: Update to firmware Ver.11.05 or later.
For Canon i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series versions prior to firmware Ver.11.04: Update to firmware Ver.11.05 or later.
For Canon Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series versions prior to firmware Ver.11.04: Update to firmware Ver.11.05 or later.
For Canon PIXMA, MAXIFY, and imagePROGRAF versions: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Heap Based Buffer Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2023-08485
CVE-2023-0851
ZDI-23-549
ZDI-23-550
ZDI-23-551

Affected Products

Canon Maxify
Canon Pixma
Canon Satera Lbp620C Series
Canon Satera Lbp660C Series
Canon Satera Mf640C Series
Canon Satera Mf740C Series
Canon I-Sensys Lbp620C Series
Canon I-Sensys Lbp660C Series
Canon I-Sensys Mf640C Series
Canon I-Sensys Mf740C Series
Canon Imageclass
Canon Imageclass Lbp620C Series
Canon Imageclass Lbp660C Series
Canon Imageclass Mf640C Series
Canon Imageclass Mf740C Series
Canon Imageprograf