ГлавнаяУязвимости → CVE-2023-6234
9.8критическая

CVE-2023-6234

Описание

Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.

Затрагиваемое ПО
Canon Mf755cdw firmwareCanon Mf755cdwCanon Mf753cdw firmwareCanon Mf753cdwCanon Mf751cdw firmwareCanon Mf751cdwCanon Lbp674c firmwareCanon Lbp674cCanon Lbp672c firmwareCanon Lbp672cCanon Lbp671c firmwareCanon Lbp671cCanon Mf1238 ii firmwareCanon Mf1238 iiCanon Mf1333c firmwareCanon Mf1333cCanon Mf1643i ii firmwareCanon Mf1643i iiCanon Mf1643if ii firmwareCanon Mf1643if iiCanon Mf275dw firmwareCanon Mf275dwCanon Mf273dw firmwareCanon Mf273dwCanon Mf272dw firmware
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://canon.jp/support/support-info/240205vulnerability-responsehttps://psirt.canon/advisory-information/cp2024-001/https://www.canon-europe.com/support/product-security-latest-news/https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printershttps://canon.jp/support/support-info/240205vulnerability-responsehttps://psirt.canon/advisory-information/cp2024-001/https://www.canon-europe.com/support/product-security-latest-news/https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers