CVE-2023-6229

EPSS 0.45%
Published 06.02.2024 01:15:08
Last modified 21.11.2024 08:43:24
Source f98c90f0-e9bd-4fa7-911b-51993f
Teams watchlist Login
Open Login

Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.

Affected products Warnungen 0 Metrics 3 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Canon ≫ Mf755cdw Firmware Version <= 03.07

Canon ≫ Mf755cdw Version-

Canon ≫ Mf753cdw Firmware Version <= 03.07

Canon ≫ Mf753cdw Version-

Canon ≫ Mf751cdw Firmware Version <= 03.07

Canon ≫ Mf751cdw Version-

Canon ≫ Lbp674c Firmware Version <= 03.07

Canon ≫ Lbp674c Version-

Canon ≫ Lbp672c Firmware Version <= 03.07

Canon ≫ Lbp672c Version-

Canon ≫ Lbp671c Firmware Version <= 03.07

Canon ≫ Lbp671c Version-

Canon ≫ Mf1238 Ii Firmware Version <= 03.07

Canon ≫ Mf1238 Ii Version-

Canon ≫ Mf1333c Firmware Version <= 03.07

Canon ≫ Mf1333c Version-

Canon ≫ Mf1643i Ii Firmware Version <= 03.07

Canon ≫ Mf1643i Ii Version-

Canon ≫ Mf1643if Ii Firmware Version <= 03.07

Canon ≫ Mf1643if Ii Version-

Canon ≫ Mf275dw Firmware Version <= 03.07

Canon ≫ Mf275dw Version-

Canon ≫ Mf273dw Firmware Version <= 03.07

Canon ≫ Mf273dw Version-

Canon ≫ Mf272dw Firmware Version <= 03.07

Canon ≫ Mf272dw Version-

Canon ≫ Mf455dw Firmware Version <= 03.07

Canon ≫ Mf455dw Version-

Canon ≫ Mf453dw Firmware Version <= 03.07

Canon ≫ Mf453dw Version-

Canon ≫ Mf452dw Firmware Version <= 03.07

Canon ≫ Mf452dw Version-

Canon ≫ Mf451dw Firmware Version <= 03.07

Canon ≫ Mf451dw Version-

Canon ≫ Lbp122dw Firmware Version <= 03.07

Canon ≫ Lbp122dw Version-

Canon ≫ Lbp1238 Ii Firmware Version <= 03.07

Canon ≫ Lbp1238 Ii Version-

Canon ≫ Lbp1333c Firmware Version <= 03.07

Canon ≫ Lbp1333c Version-

Canon ≫ Lbp237dw Firmware Version <= 03.07

Canon ≫ Lbp237dw Version-

Canon ≫ Lbp236dw Firmware Version <= 03.07

Canon ≫ Lbp236dw Version-

Canon ≫ Lbp674cdw Firmware Version <= 03.07

Canon ≫ Lbp674cdw Version-

Canon ≫ I-sensys Mf754cdw Firmware Version <= 03.07

Canon ≫ I-sensys Mf754cdw Version-

Canon ≫ I-sensys X C1333if Firmware Version <= 03.07

Canon ≫ I-sensys X C1333if Version-

Canon ≫ I-sensys Lbp673cdw Firmware Version <= 03.07

Canon ≫ I-sensys Lbp673cdw Version-

Canon ≫ I-sensys Mf752cdw Firmware Version <= 03.07

Canon ≫ I-sensys Mf752cdw Version-

Canon ≫ I-sensys X C1333i Firmware Version <= 03.07

Canon ≫ I-sensys X C1333i Version-

Canon ≫ I-sensys X C1333p Firmware Version <= 03.07

Canon ≫ I-sensys X C1333p Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.45%	0.625

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
f98c90f0-e9bd-4fa7-911b-51993f3571fd	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.canon-europe.com/support/product-security-latest-news/

Vendor Advisory

https://canon.jp/support/support-info/240205vulnerability-response

Vendor Advisory

https://psirt.canon/advisory-information/cp2024-001/

Vendor Advisory

https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-6229

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-6229

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-6229

EUVD