Multiple vulnerabilities in Canon Japan Small Office Multifunction Printers and Laser Printers
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2023-6229 CVE-2023-6230 CVE-2023-6231 CVE-2023-6232 CVE-2023-6233 CVE-2023-6234 CVE-2024-0244 |
| CWE-ID | CWE-787 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
LBP674 Hardware solutions / Office equipment, IP-phones, print servers LBP672 Hardware solutions / Office equipment, IP-phones, print servers LBP671C Hardware solutions / Office equipment, IP-phones, print servers MF755Cdw Hardware solutions / Office equipment, IP-phones, print servers MF753Cdw Hardware solutions / Office equipment, IP-phones, print servers MF751Cdw Hardware solutions / Office equipment, IP-phones, print servers |
| Vendor | Canon Japan |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Out-of-bounds write
EUVDB-ID: #VU86177
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-6229
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in CPCA PDL Resource Download process. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsLBP674: 03.07
LBP672: 03.07
LBP671C: 03.07
MF755Cdw: 03.07
MF753Cdw: 03.07
MF751Cdw: 03.07
CPE2.3- cpe:2.3:h:canon_japan:lbp674:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp674:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf751cdw:*:*:*:*:*:*:*:*
https://psirt.canon/advisory-information/cp2024-001/
https://canon.jp/support/support-info/240205vulnerability-response
https://jvn.jp/en/vu/JVNVU90033405/index.html
https://www.zerodayinitiative.com/advisories/ZDI-24-089/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds write
EUVDB-ID: #VU86178
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-6230
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in the Address Book password process. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsLBP674: 03.07
LBP672: 03.07
LBP671C: 03.07
MF755Cdw: 03.07
MF753Cdw: 03.07
MF751Cdw: 03.07
CPE2.3- cpe:2.3:h:canon_japan:lbp674:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp674:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf751cdw:*:*:*:*:*:*:*:*
https://psirt.canon/advisory-information/cp2024-001/
https://canon.jp/support/support-info/240205vulnerability-response
https://jvn.jp/en/vu/JVNVU90033405/index.html
https://www.zerodayinitiative.com/advisories/ZDI-24-090/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds write
EUVDB-ID: #VU86179
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-6231
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in WSD probe request process. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsLBP674: 03.07
LBP672: 03.07
LBP671C: 03.07
MF755Cdw: 03.07
MF753Cdw: 03.07
MF751Cdw: 03.07
CPE2.3- cpe:2.3:h:canon_japan:lbp674:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp674:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf751cdw:*:*:*:*:*:*:*:*
https://psirt.canon/advisory-information/cp2024-001/
https://canon.jp/support/support-info/240205vulnerability-response
https://jvn.jp/en/vu/JVNVU90033405/index.html
https://www.zerodayinitiative.com/advisories/ZDI-24-091/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds write
EUVDB-ID: #VU86180
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-6232
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in the Address Book username process. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsLBP674: 03.07
LBP672: 03.07
LBP671C: 03.07
MF755Cdw: 03.07
MF753Cdw: 03.07
MF751Cdw: 03.07
CPE2.3- cpe:2.3:h:canon_japan:lbp674:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp674:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf751cdw:*:*:*:*:*:*:*:*
https://psirt.canon/advisory-information/cp2024-001/
https://canon.jp/support/support-info/240205vulnerability-response
https://jvn.jp/en/vu/JVNVU90033405/index.html
https://www.zerodayinitiative.com/advisories/ZDI-24-092/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds write
EUVDB-ID: #VU86181
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-6233
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in SLP attribute request process. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsLBP674: 03.07
LBP672: 03.07
LBP671C: 03.07
MF755Cdw: 03.07
MF753Cdw: 03.07
MF751Cdw: 03.07
CPE2.3- cpe:2.3:h:canon_japan:lbp674:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp674:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf751cdw:*:*:*:*:*:*:*:*
https://psirt.canon/advisory-information/cp2024-001/
https://canon.jp/support/support-info/240205vulnerability-response
https://jvn.jp/en/vu/JVNVU90033405/index.html
https://www.zerodayinitiative.com/advisories/ZDI-24-093/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds write
EUVDB-ID: #VU86182
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-6234
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in CPCA Color LUT Resource Download process. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsLBP674: 03.07
LBP672: 03.07
LBP671C: 03.07
MF755Cdw: 03.07
MF753Cdw: 03.07
MF751Cdw: 03.07
CPE2.3- cpe:2.3:h:canon_japan:lbp674:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp674:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp672:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:lbp671c:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf751cdw:*:*:*:*:*:*:*:*
https://psirt.canon/advisory-information/cp2024-001/
https://canon.jp/support/support-info/240205vulnerability-response
https://jvn.jp/en/vu/JVNVU90033405/index.html
https://www.zerodayinitiative.com/advisories/ZDI-24-094/
https://www.zerodayinitiative.com/advisories/ZDI-24-562/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds write
EUVDB-ID: #VU86187
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-0244
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in CPCA PCFAX number process. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMF755Cdw: 03.07
MF753Cdw: 03.07
MF751Cdw: 03.07
CPE2.3- cpe:2.3:h:canon_japan:mf755cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf755cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf753cdw:03.07:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf751cdw:*:*:*:*:*:*:*:*
- cpe:2.3:h:canon_japan:mf751cdw:03.07:*:*:*:*:*:*:*
https://psirt.canon/advisory-information/cp2024-001/
https://canon.jp/support/support-info/240205vulnerability-response
https://jvn.jp/en/vu/JVNVU90033405/index.html
https://www.zerodayinitiative.com/advisories/ZDI-24-095/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
