CVE-2023-6233

Name of the Vulnerable Software and Affected Versions Satera LBP670C Series/Satera MF750C Series firmware versions 03.07 and earlier Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware versions 03.07 and earlier i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware versions 03.07 and earlier Canon imageCLASS MF753Cdw firmware versions prior to the fixed version

Description A buffer overflow in the SLP attribute request process of Office Multifunction Printers and Laser Printers may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. This issue affects devices sold in Japan, the US, and Europe. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For Satera LBP670C Series/Satera MF750C Series firmware versions 03.07 and earlier, update to a version later than 03.07. For Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware versions 03.07 and earlier, update to a version later than 03.07. For i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware versions 03.07 and earlier, update to a version later than 03.07. For Canon imageCLASS MF753Cdw, update to a version that fixes the SLP service-url Stack-based Buffer Overflow Remote Code Execution Vulnerability. As a temporary workaround, consider restricting access to the SLP service-url to minimize the risk of exploitation.