Mf642Cdw Firmware
CVE-2023-0854
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.
AnalysisAI
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-122. Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. Affected products include: Canon Mf642Cdw Firmware, Canon Mf644Cdw Firmware, Canon Mf741Cdw Firmware, Canon Mf743Cdw Firmware, Canon Mf745Cdw Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Mf642Cdw Firmware
View allBuffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) whi
Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers(*)
Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printe
Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*)
Unintentional change of settings during initial registration of system administrators which uses control protocols. Rate
Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and
Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allo
Same weakness CWE-122 – Heap-based Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today