Vulnerability Details : CVE-2023-0854
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.
Vulnerability category: OverflowMemory CorruptionExecute code
Products affected by CVE-2023-0854
- cpe:2.3:o:canon:mf1127c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf641cw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf642cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf644cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf741cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf743cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf745cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf746cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp1127c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp622cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp623cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp664cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp621c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp622c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp661c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp662c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp664c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf262dw_ii_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf264dw_ii_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf267dw_ii_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf269dw_ii_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf269dw_vp_ii_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf272dw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf273dw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:mf275dw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:lbp122dw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:imageprograf_tc-20_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:imageprograf_tc-20m_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:pixma_g3270_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:pixma_g4270_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:maxify_gx3020_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:maxify_gx4020_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_lbp621cw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_lbp623cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_lbp633cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_lbp664cx_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_mf641cw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_mf643cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_mf645cx_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_mf742cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_mf744cdw_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_mf746cx_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_x_c1127i_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_x_c1127if_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:canon:i-sensys_x_c1127p_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-0854
0.39%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 74 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-0854
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
MITRE | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2023-0854
-
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().Assigned by: cve@mitre.org (Secondary)
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-0854
-
https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow
Access DeniedVendor Advisory
-
https://psirt.canon/advisory-information/cp2023-001/
CP2023-001 Vulnerabilities Mitigation/Remediation for Office / Small Office Multifunction Printers, Laser Printers and Inkjet Printers - Canon PSIRTVendor Advisory
-
https://www.canon-europe.com/support/product-security-latest-news/
Canon Product Security - Canon EuropeVendor Advisory
-
https://canon.jp/support/support-info/230414vulnerability-response
スモールオフィス向け複合機、レーザービームプリンターおよびインクジェットプリンターに関する脆弱性対応について|サポート|キヤノンVendor Advisory
Jump to