Improper access control in Canon U.S.A. products - CVE-2023-0858
Published: May 24, 2023
Vulnerability identifier: #VU76478
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-0858
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
imageCLASS MF1127C
imageCLASS MF262DW II
imageCLASS MF264DW II
imageCLASS MF267DW II
imageCLASS MF269DW II
imageCLASS MF269DW VP II
imageCLASS MF272DW
imageCLASS MF273DW
imageCLASS MF275DW
imageCLASS MF641CW
imageCLASS MF642CDW
imageCLASS MF644CDW
imageCLASS MF741CDW
imageCLASS MF743CDW
imageCLASS MF745CDW
imageCLASS MF746CDW
imageCLASS LBP122DW
imageCLASS LBP1127C
imageCLASS LBP622CDW
imageCLASS LBP623CDW
imageCLASS LBP664CDW
imagePROGRAF TC-20
imagePROGRAF TC-20M
PIXMA G3270
PIXMA G4270
MAXIFY GX3020
MAXIFY GX4020
imageCLASS MF1127C
imageCLASS MF262DW II
imageCLASS MF264DW II
imageCLASS MF267DW II
imageCLASS MF269DW II
imageCLASS MF269DW VP II
imageCLASS MF272DW
imageCLASS MF273DW
imageCLASS MF275DW
imageCLASS MF641CW
imageCLASS MF642CDW
imageCLASS MF644CDW
imageCLASS MF741CDW
imageCLASS MF743CDW
imageCLASS MF745CDW
imageCLASS MF746CDW
imageCLASS LBP122DW
imageCLASS LBP1127C
imageCLASS LBP622CDW
imageCLASS LBP623CDW
imageCLASS LBP664CDW
imagePROGRAF TC-20
imagePROGRAF TC-20M
PIXMA G3270
PIXMA G4270
MAXIFY GX3020
MAXIFY GX4020
Software vendor:
Canon U.S.A.
Canon U.S.A.
Description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the product.
Remediation
Install updates from vendor's website.