CVE-2023-0854

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-0854

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

B

uffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.

References
Link Resource
https://canon.jp/support/support-info/230414vulnerability-response
https://psirt.canon/advisory-information/cp2023-001/
https://www.canon-europe.com/support/product-security-latest-news/
https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow
https://canon.jp/support/support-info/230414vulnerability-response
https://psirt.canon/advisory-information/cp2023-001/
https://www.canon-europe.com/support/product-security-latest-news/
https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:canon:mf642cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf642cdw:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:canon:mf644cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf644cdw:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:canon:mf741cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf741cdw:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:canon:mf743cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf743cdw:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:canon:mf745cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf745cdw:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:canon:lbp621c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp621c:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:canon:lbp622c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp622c:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:canon:lbp661c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp661c:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:canon:lbp662c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp662c:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:canon:lbp664c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp664c:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:canon:mf1127c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf1127c:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:canon:mf262dw_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf262dw_ii:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:canon:mf264dw_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf264dw_ii:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:canon:mf267dw_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf267dw_ii:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:canon:mf269dw_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf269dw_ii:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:canon:mf269dw_vp_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf269dw_vp_ii:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:canon:mf272dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf272dw:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:canon:mf273dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf273dw:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:canon:mf275dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf275dw:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:canon:mf641cw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf641cw:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:canon:mf746cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf746cdw:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:canon:lbp122dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp122dw:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:canon:lbp1127c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp1127c:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:canon:lbp622cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp622cdw:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:canon:lbp623cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp623cdw:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:canon:lbp664cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp664cdw:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:canon:imageprograf_tc-20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:imageprograf_tc-20:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:canon:imageprograf_tc-20m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:imageprograf_tc-20m:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:canon:pixma_g3270_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:pixma_g3270:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:canon:pixma_g4270_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:pixma_g4270:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:canon:maxify_gx3020_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:maxify_gx3020:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:canon:maxify_gx4020_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:maxify_gx4020:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:canon:i-sensys_lbp621cw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_lbp621cw:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:canon:i-sensys_lbp623cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_lbp623cdw:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:canon:i-sensys_lbp633cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_lbp633cdw:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:canon:i-sensys_lbp664cx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_lbp664cx:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:canon:i-sensys_mf641cw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_mf641cw:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:canon:i-sensys_mf643cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_mf643cdw:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:canon:i-sensys_mf645cx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_mf645cx:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:canon:i-sensys_mf742cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_mf742cdw:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:canon:i-sensys_mf744cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_mf744cdw:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:canon:i-sensys_mf746cx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_mf746cx:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:canon:i-sensys_x_c1127i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_x_c1127i:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:canon:i-sensys_x_c1127if_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_x_c1127if:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND
cpe:2.3:o:canon:i-sensys_x_c1127p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:i-sensys_x_c1127p:-:*:*:*:*:*:*:*
History

21 Nov 2024, 07:37

Type Values Removed Values Added
References () https://canon.jp/support/support-info/230414vulnerability-response - () https://canon.jp/support/support-info/230414vulnerability-response -
References () https://psirt.canon/advisory-information/cp2023-001/ - () https://psirt.canon/advisory-information/cp2023-001/ -
References () https://www.canon-europe.com/support/product-security-latest-news/ - () https://www.canon-europe.com/support/product-security-latest-news/ -
References () https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow - () https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow -
Information

Published : 2023-05-11 13:15

Updated : 2024-11-21 07:37

NVD link : CVE-2023-0854

Mitre link : CVE-2023-0854

CVE.ORG link : CVE-2023-0854

JSON object : View

Products Affected

canon

CWE
CWE-122

Heap-based Buffer Overflow

CWE-787

Out-of-bounds Write