Canon patches seven critical vulnerabilities in its printers

Canon has released patches for seven critical vulnerabilities in small business printers. Affected models in different regions include the i-SENSYS LBP673Cdw, MF752Cdw, MF754Cdw, C1333i, C1333iF and C1333P in Europe; imageCLASS MF753CDW, MF751CDW, MF1333C, LBP674CDW and LBP1333C in North America; and the Satera LBP670C and MF750C series in Japan. The vulnerabilities affect firmware versions 03.07 and earlier.

All of the resolved bugs are related to buffer overflows and can be used remotely to execute code (RCE) or shut down the device, rendering it unresponsive.

“With a direct connection to the Internet without the use of a router, an attacker can conduct a DoS attack or execute arbitrary code on the device over the Internet,” Canon reports.

The identified vulnerabilities have been assigned identifiers CVE-2023-6229 through CVE-2023-6234 and CVE-2024-0244. According to Japanese portal JVN, they are rated 9.8 out of 10 on the CVSS scale.

The company notes that while there have been no reports of abuse of these vulnerabilities, it is recommended that all owners of vulnerable devices install updated firmware versions immediately.

0 / 5

Your page rank:

Subscribe: YouTube page opens in new windowLinkedin page opens in new windowTelegram page opens in new window

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment