Vulnerability identifier: #VU61484
Vulnerability risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-121
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
MF1127C
Hardware solutions /
Other hardware appliances
MF1238
Hardware solutions /
Other hardware appliances
MF445DW
Hardware solutions /
Other hardware appliances
MF448DW
Hardware solutions /
Other hardware appliances
MF449DW
Hardware solutions /
Other hardware appliances
MF543DW
Hardware solutions /
Other hardware appliances
MF632CDW
Hardware solutions /
Other hardware appliances
MF634CDW
Hardware solutions /
Other hardware appliances
MF641CW
Hardware solutions /
Other hardware appliances
MF642CDW
Hardware solutions /
Other hardware appliances
MF644CDW
Hardware solutions /
Other hardware appliances
MF731CDW
Hardware solutions /
Other hardware appliances
MF733CDW
Hardware solutions /
Other hardware appliances
MF735CDW
Hardware solutions /
Other hardware appliances
MF741CDW
Hardware solutions /
Other hardware appliances
MF743CDW
Hardware solutions /
Other hardware appliances
MF745CDW
Hardware solutions /
Other hardware appliances
MF746CDW
Hardware solutions /
Other hardware appliances
LBP1127C
Hardware solutions /
Other hardware appliances
LBP1238
Hardware solutions /
Other hardware appliances
LBP226DW
Hardware solutions /
Other hardware appliances
LBP227DW
Hardware solutions /
Other hardware appliances
LBP228DW
Hardware solutions /
Other hardware appliances
LBP612CDW
Hardware solutions /
Other hardware appliances
LBP622CDW
Hardware solutions /
Other hardware appliances
LBP623CDW
Hardware solutions /
Other hardware appliances
LBP654CDW
Hardware solutions /
Other hardware appliances
LBP664CDW
Hardware solutions /
Other hardware appliances
Vendor: Canon U.S.A.
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the privet API. A remote unauthenticated attacker on the local network can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
MF1127C: All versions
MF1238: All versions
MF445DW: All versions
MF448DW: All versions
MF449DW: All versions
MF543DW: All versions
MF632CDW: All versions
MF634CDW: All versions
MF641CW: All versions
MF642CDW: All versions
MF644CDW: All versions
MF731CDW: All versions
MF733CDW: All versions
MF735CDW: All versions
MF741CDW: All versions
MF743CDW: All versions
MF745CDW: All versions
MF746CDW: All versions
LBP1127C: All versions
LBP1238: All versions
LBP226DW: All versions
LBP227DW: All versions
LBP228DW: All versions
LBP612CDW: All versions
LBP622CDW: All versions
LBP623CDW: All versions
LBP654CDW: All versions
LBP664CDW: All versions
External links
http://www.zerodayinitiative.com/advisories/ZDI-22-516/
http://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/canon-laser-printer-and-small-office-multifunctional-printer-measure-against-buffer-overflow/!ut/p/z1/pVLLbsIwEPyWfoC1xnEccswDGighBRIgvlTGCakl8lBAUPr1DYhWQhHhUN_Wnt2ZHQ9wWAMvxFFl4qDKQuyaOubsw595fW_k4EkQvtnYGtjBQmOuhh0NVlcAfnAsDPyuf0gG2PLD5cTXRhqes1t_B4B38y8hdiH-mkRudWoNa6F5t9bxM7WNHaT2HT8DXonDJ1LFtoR1VavikNZ7WMtyV9ZoJ_Zp_VuoXGSpbK72KN8ySmVy6npaAb8XgeemgS3mMs-c2ng001uApU0bgOk6GhleFrkBOvaMG5-Mhz6R5lePKj1BVJR13oRgcZlYSZVAnKQ0TSQVSJcmRZQSiTYaNZHQe0Q3MGHJloLXZgiMHp7R9yDUiU78kP2TYfwsFqvBXyh4D6o8iooz4rHL5t63PUWvzqZ_zl5-AOW_2L4!/dz/d5/L2dBISEvZ0FBIS9nQSEh/?urile=wcm%3Apath%3A%2FCanon_NewWeb_Products%2Fproduct-advisories%2Fcanon-laser-printer-and-small-office-multifunctional-printer-measure-against-buffer-overflow
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.