high
7.5
Advisory Published
Updated

CVE-2020-16849

First published: Mon Nov 30 2020(Updated: )

An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Canon Mf237w Firmware=06.07
Canon MF237w
Canon Mf113w Firmware
Canon Mf113w
Canon Mf212w Firmware
Canon Mf212w
Canon Mf216n Firmware
Canon Mf216n
Canon Mf217w Firmware
Canon Mf217w
Canon Mf226dn Firmware
Canon Mf226dn
Canon Mf229dw Firmware
Canon Mf229dw
Canon Mf231 Firmware
Canon Mf231
Canon Mf232w Firmware
Canon Mf232w
Canon Mf244dw Firmware
Canon Mf244dw
Canon Mf247dw Firmware
Canon Mf247dw
Canon Mf249dw Firmware
Canon Mf249dw
Canon Mf264dw Firmware
Canon Mf264dw
Canon Mf267dw Firmware
Canon Mf267dw
Canon Mf269dw Firmware
Canon Mf269dw
Canon Mf4570dn Firmware
Canon Mf4570dn
Canon Mf4580dn Firmware
Canon Mf4580dn
Canon Mf4780w Firmware
Canon Mf4780w
Canon Mf4870dn Firmware
Canon Mf4870dn
Canon Mf4890dw Firmware
Canon Mf4890dw
Canon Lbp113w Firmware
Canon Lbp113w
Canon Lbp151dw Firmware
Canon Lbp151dw
Canon Lbp162dw Firmware
Canon Lbp162dw
Canon Ir2202n Firmware
Canon Ir2202n
Canon Ir2204n Firmware
Canon Ir2204n
Canon Ir2204f Firmware
Canon Ir2204f
Canon Ir2206n Firmware
Canon Ir2206n
Canon Ir2206if Firmware
Canon Ir2206if

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2020-16849?

    CVE-2020-16849 is an "Improper Handling of Length Parameter Inconsistency" vulnerability discovered on Canon MF237w 06.07 devices.

  • What is the severity of CVE-2020-16849?

    The severity of CVE-2020-16849 is high with a CVSS score of 7.5.

  • Which devices are affected by CVE-2020-16849?

    Canon MF237w devices with firmware version 06.07 are affected by CVE-2020-16849.

  • How can an attacker exploit CVE-2020-16849?

    An unauthenticated network attacker can exploit CVE-2020-16849 by sending a malicious packet to the IPv4/ICMPv4 component of the affected device.

  • Is there a fix for CVE-2020-16849?

    It is recommended to update the firmware of the Canon MF237w devices to a version that includes a fix for CVE-2020-16849.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203