CVE-2023-6234

Name of the Vulnerable Software and Affected Versions Canon imageCLASS MF753Cdw firmware version 03.07 and earlier Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier

Description A buffer overflow vulnerability exists in the CPCA Color LUT Resource Download process of Canon Office Multifunction Printers and Laser Printers. This issue may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. The vulnerability can be exploited by network-adjacent attackers without requiring authentication.

Recommendations For Canon imageCLASS MF753Cdw firmware version 03.07 and earlier, update to a newer version that contains a fix for this issue. For Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier, update to a newer version that contains a fix for this issue. For Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier, update to a newer version that contains a fix for this issue. For i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier, update to a newer version that contains a fix for this issue. As a temporary workaround, consider disabling the setResource function until a patch is available.