9.8

CVE-2024-0244

Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS MF750C Series/Color imageCLASS X MF1333C firmware v03.07 and earlier sold in US. i-SENSYS MF754Cdw/C1333iF firmware v03.07 and earlier sold in Europe.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CanonI-sensys Mf754cdw Firmware Version <= 03.07
   CanonI-sensys Mf754cdw Version-
CanonI-sensys X C1333if Firmware Version <= 03.07
   CanonI-sensys X C1333if Version-
CanonMf755cdw Firmware Version <= 03.07
   CanonMf755cdw Version-
CanonMf753cdw Firmware Version <= 03.07
   CanonMf753cdw Version-
CanonMf751cdw Firmware Version <= 03.07
   CanonMf751cdw Version-
CanonMf1333c Firmware Version <= 03.07
   CanonMf1333c Version-
CanonLbp1333c Firmware Version <= 03.07
   CanonLbp1333c Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.38% 0.686
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
f98c90f0-e9bd-4fa7-911b-51993f3571fd 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.canon-europe.com/support/product-security-latest-news/
Vendor Advisory
https://canon.jp/support/support-info/240205vulnerability-response
Vendor Advisory
https://psirt.canon/advisory-information/cp2024-001/
Vendor Advisory
https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers
Vendor Advisory