Security Flaws in Canon Small Office Printers Enable Code Execution, DDoS.
Canon recently addressed seven critical buffer-overflow bugs affecting its small office multifunction printers and laser printers. These vulnerabilities, tracked as CVE-2023-6229 through CVE-2023-6234 (plus CVE-2024-0244), can allow unauthenticated attackers to remotely perform denial of service (DoS) or arbitrary code execution against affected printers connected directly to the Internet. The company assigned a “critical” rating of 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS) scale to all the identified vulnerabilities. While no exploitations have been observed in the wild as of yet, owners are advised to scan for indicators of compromise, given that the bugs were publicly known but unpatched for months.
NIST advisories reveal that the flaws were identified in components such as the CPCA PDL resource download process, Address Book password process, WSD probe request process, Address Book username process, SLP attribute request process, CPCA Color LUT resource download process, and CPCA PCFAX number process.
The vulnerable printer models differ slightly based on region: i-SENSYS LBP673Cdw, MF752Cdw, MF754Cdw, C1333i, C1333iF, and C1333P series in Europe, imageCLASS MF753CDW, MF751CDW, MF1333C, LBP674CDW, and LBP1333C series in North America; and Satera LBP670C and MF750C series in Japan.
For all models, however, the vulnerabilities impact firmware versions 03.07 and earlier. Updates that address these bugs can be found on Canon’s regional websites.
“There have been no reports of these vulnerabilities being exploited. However, to enhance the security of the product, we advise that our customers install the latest firmware available for the affected models,” Canon says on its European support site.
Following are the best practices to enhance the security posture of network printers:
- Firmware Updates: Regularly update printer firmware to patch known security holes and add new or improved security features.
- Network Segmentation: Properly segment different areas of networks to prevent a compromised printer from affecting other sensitive devices.
- Access Controls: Deploy stricter user access controls and disable unnecessary services to minimize the attack surface.
- Wireless and Cloud Printing: Consider disabling wireless and cloud printing features to reduce potential entry points for unauthorized users.
You think you have a story worth everyone’s time? SUBMIT A STORY and we will publish it.
Share this content:
Post Comment