PT-2024-2219 · Canon+1 · I-Sensys Lbp660C Series+27

Published

2024-03-08

·

Updated

2024-03-12

·

CVE-2024-2184

CVSS v3.1

10

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Canon i-SENSYS and Color imageCLASS series printers and multifunctional devices versions prior to firmware v12.07 and v03.09 Satera MF740C Series/Satera MF640C Series/Satera LBP660C Series/Satera LBP620C Series firmware v12.07 and earlier Satera MF750C Series/Satera LBP670C Series firmware v03.09 and earlier Color imageCLASS MF740C Series/Color imageCLASS MF640C Series/Color imageCLASS X MF1127C/Color imageCLASS LBP664Cdw/Color imageCLASS LBP622Cdw/Color imageCLASS X LBP1127C firmware v12.07 and earlier Color imageCLASS MF750C Series/Color imageCLASS X MF1333C/Color imageCLASS LBP674Cdw/Color imageCLASS X LBP1333C firmware v03.09 and earlier i-SENSYS MF740C Series/i-SENSYS MF640C Series/C1127i Series/i-SENSYS LBP660C Series/i-SENSYS LBP620C Series/C1127P firmware v12.07 and earlier i-SENSYS MF750C Series/C1333i Series/i-SENSYS LBP673Cdw/C1333P firmware v03.09 and earlier
Description The issue is related to a buffer overflow in the identifier field of the WSD probe request process of Canon printers and multifunctional devices. This can allow a remote attacker to execute arbitrary code or cause a denial of service.
Recommendations For Satera MF740C Series/Satera MF640C Series/Satera LBP660C Series/Satera LBP620C Series, update to firmware version later than v12.07. For Satera MF750C Series/Satera LBP670C Series, update to firmware version later than v03.09. For Color imageCLASS MF740C Series/Color imageCLASS MF640C Series/Color imageCLASS X MF1127C/Color imageCLASS LBP664Cdw/Color imageCLASS LBP622Cdw/Color imageCLASS X LBP1127C, update to firmware version later than v12.07. For Color imageCLASS MF750C Series/Color imageCLASS X MF1333C/Color imageCLASS LBP674Cdw/Color imageCLASS X LBP1333C, update to firmware version later than v03.09. For i-SENSYS MF740C Series/i-SENSYS MF640C Series/C1127i Series/i-SENSYS LBP660C Series/i-SENSYS LBP620C Series/C1127P, update to firmware version later than v12.07. For i-SENSYS MF750C Series/C1333i Series/i-SENSYS LBP673Cdw/C1333P, update to firmware version later than v03.09.

Fix

Memory Corruption

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2024-02147
CVE-2024-2184

Affected Products

C1127P
C1127I Series
C1333P
C1333I Series
Canon I-Sensys
Color Imageclass
Color Imageclass Lbp622Cdw
Color Imageclass Lbp664Cdw
Color Imageclass Lbp674C
Color Imageclass Mf640C Series
Color Imageclass Mf740C Series
Color Imageclass Mf750C Series
Color Imageclass X Lbp1127C
Color Imageclass X Lbp1333C
Color Imageclass X Mf1127C
Color Imageclass X Mf1333C
Satera Lbp620C Series
Satera Lbp660C Series
Satera Lbp670C Series
Satera Mf640C Series
Satera Mf740C Series
Satera Mf750C Series
I-Sensys Lbp620C Series
I-Sensys Lbp660C Series
I-Sensys Lbp673Cdw
I-Sensys Mf640C Series
I-Sensys Mf740C Series
I-Sensys Mf750C Series