CVE-2023-6229: Buffer Overflow
First published: Tue Feb 06 2024(Updated: )
Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
Credit: f98c90f0-e9bd-4fa7-911b-51993f3571fd
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Canon MF755Cdw Firmware | <=03.07 | |
| Canon MF755Cdw Firmware | ||
| All of | ||
| Canon MF753Cdw Firmware | <=03.07 | |
| Canon MF753Cdw Firmware | ||
| All of | ||
| Canon MF751CDW Firmware | <=03.07 | |
| Canon MF751CDW Firmware | ||
| All of | ||
| Canon LBP674Cdw Firmware | <=03.07 | |
| Canon LBP674Cdw | ||
| All of | ||
| Canon LBP672C Firmware | <=03.07 | |
| Canon LBP672C Firmware | ||
| All of | ||
| Canon LBP671C | <=03.07 | |
| Canon LBP671C Firmware | ||
| All of | ||
| Canon MF1238 II Firmware | <=03.07 | |
| Canon MF1238 II Firmware | ||
| All of | ||
| Canon MF1333C Firmware | <=03.07 | |
| Canon MF1333C Firmware | ||
| All of | ||
| Canon MF1643i II Firmware | <=03.07 | |
| Canon MF1643i II Firmware | ||
| All of | ||
| Canon MF1643if II Firmware | <=03.07 | |
| Canon MF1643if II Firmware | ||
| All of | ||
| Canon MF275dw Firmware | <=03.07 | |
| Canon MF275dw Firmware | ||
| All of | ||
| Canon MF273dw Firmware | <=03.07 | |
| Canon MF273dw Firmware | ||
| All of | ||
| Canon MF272dw Firmware | <=03.07 | |
| Canon MF272dw Firmware | ||
| All of | ||
| Canon MF455dw Firmware | <=03.07 | |
| Canon MF455dw Firmware | ||
| All of | ||
| Canon MF453dw Firmware | <=03.07 | |
| Canon mf453dw firmware | ||
| All of | ||
| Canon MF452dw | <=03.07 | |
| Canon MF452DW Firmware | ||
| All of | ||
| Canon MF451dw Firmware | <=03.07 | |
| Canon MF451dw Firmware | ||
| All of | ||
| Canon LBP122dw Firmware | <=03.07 | |
| Canon LBP122dw Firmware | ||
| All of | ||
| Canon LBP1238 Firmware | <=03.07 | |
| Canon LBP1238 II Firmware | ||
| All of | ||
| Canon LBP1333C Firmware | <=03.07 | |
| Canon LBP1333C Firmware | ||
| All of | ||
| Canon LBP237dw | <=03.07 | |
| Canon LBP237dw | ||
| All of | ||
| Canon LBP236dw | <=03.07 | |
| Canon LBP236dw | ||
| All of | ||
| Canon LBP674Cdw Firmware | <=03.07 | |
| Canon LBP674Cdw Firmware | ||
| All of | ||
| Canon i-SENSYS MF754Cdw | <=03.07 | |
| Canon i-SENSYS MF754Cdw Firmware | ||
| All of | ||
| Canon i-SENSYS X C1333iF | <=03.07 | |
| Canon i-SENSYS X C1333iF firmware | ||
| All of | ||
| Canon i-SENSYS LBP673Cdw | <=03.07 | |
| Canon i-SENSYS LBP673Cdw | ||
| All of | ||
| Canon i-SENSYS MF752Cdw | <=03.07 | |
| Canon i-SENSYS MF752Cdw | ||
| All of | ||
| Canon i-SENSYS X C1333i | <=03.07 | |
| Canon C1333i Series | ||
| All of | ||
| Canon i-SENSYS X C1333P | <=03.07 | |
| Canon i-SENSYS X C1333P firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://psirt.canon/advisory-information/cp2024-001/
- https://canon.jp/support/support-info/240205vulnerability-response
- https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers
- https://www.canon-europe.com/support/product-security-latest-news/
Frequently Asked Questions
What is the severity of CVE-2023-6229?
CVE-2023-6229 has a high severity due to its potential for causing unresponsiveness or executing arbitrary code on affected printers.
How do I fix CVE-2023-6229?
To fix CVE-2023-6229, update the firmware of your affected Canon Multifunction Printers and Laser Printers to the latest version provided by Canon.
Which products are affected by CVE-2023-6229?
CVE-2023-6229 affects several Canon Multifunction Printers and Laser Printers, including models in the MF and LBP series with specific firmware versions.
Can CVE-2023-6229 be exploited remotely?
Yes, CVE-2023-6229 can be exploited by an attacker on the same network segment as the affected printers.
What are the potential consequences of CVE-2023-6229?
The consequences of CVE-2023-6229 include disruption of printer services or the possibility of unauthorized code execution.
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/canon
- canonical/canon mf755cdw firmware
- version/canon mf755cdw firmware/03.07
- canonical/canon mf753cdw firmware
- version/canon mf753cdw firmware/03.07
- canonical/canon mf751cdw firmware
- version/canon mf751cdw firmware/03.07
- canonical/canon lbp674cdw firmware
- version/canon lbp674cdw firmware/03.07
- canonical/canon lbp674cdw
- canonical/canon lbp672c firmware
- version/canon lbp672c firmware/03.07
- canonical/canon lbp671c
- version/canon lbp671c/03.07
- canonical/canon lbp671c firmware
- canonical/canon mf1238 ii firmware
- version/canon mf1238 ii firmware/03.07
- canonical/canon mf1333c firmware
- version/canon mf1333c firmware/03.07
- canonical/canon mf1643i ii firmware
- version/canon mf1643i ii firmware/03.07
- canonical/canon mf1643if ii firmware
- version/canon mf1643if ii firmware/03.07
- canonical/canon mf275dw firmware
- version/canon mf275dw firmware/03.07
- canonical/canon mf273dw firmware
- version/canon mf273dw firmware/03.07
- canonical/canon mf272dw firmware
- version/canon mf272dw firmware/03.07
- canonical/canon mf455dw firmware
- version/canon mf455dw firmware/03.07
- canonical/canon mf453dw firmware
- version/canon mf453dw firmware/03.07
- canonical/canon mf452dw
- version/canon mf452dw/03.07
- canonical/canon mf452dw firmware
- canonical/canon mf451dw firmware
- version/canon mf451dw firmware/03.07
- canonical/canon lbp122dw firmware
- version/canon lbp122dw firmware/03.07
- canonical/canon lbp1238 firmware
- version/canon lbp1238 firmware/03.07
- canonical/canon lbp1238 ii firmware
- canonical/canon lbp1333c firmware
- version/canon lbp1333c firmware/03.07
- canonical/canon lbp237dw
- version/canon lbp237dw/03.07
- canonical/canon lbp236dw
- version/canon lbp236dw/03.07
- canonical/canon i-sensys mf754cdw
- version/canon i-sensys mf754cdw/03.07
- canonical/canon i-sensys mf754cdw firmware
- canonical/canon i-sensys x c1333if
- version/canon i-sensys x c1333if/03.07
- canonical/canon i-sensys x c1333if firmware
- canonical/canon i-sensys lbp673cdw
- version/canon i-sensys lbp673cdw/03.07
- canonical/canon i-sensys mf752cdw
- version/canon i-sensys mf752cdw/03.07
- canonical/canon i-sensys x c1333i
- version/canon i-sensys x c1333i/03.07
- canonical/canon c1333i series
- canonical/canon i-sensys x c1333p
- version/canon i-sensys x c1333p/03.07
- canonical/canon i-sensys x c1333p firmware