CP2024-001 Vulnerabilities Mitigation/Remediation for Small Office Multifunction Printers and Laser Printers
February 5, 2024
Canon Inc.
Description
Multiple vulnerabilities have been identified for certain Small Office Multifunction Printers and Laser Printers.
These vulnerabilities indicate the possibility that, if a product is connected directly to the Internet without using a router (wired or Wi-Fi), an unauthenticated remote attacker may be able to execute arbitrary code and/or may be able to target the product in a Denial-of-Service (DoS) attack via the Internet.
<Buffer Overflow>
CVE-2023-6229
CVE-2023-6230
CVE-2023-6231
CVE-2023-6232
CVE-2023-6233
CVE-2023-6234
CVE-2024-0244
Mitigation/Remediation
We advise that our customers set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access.
Please refer here for more details on securing products when connecting to a network.
Firmware designed to address these issues will be uploaded on websites of your local Canon sales representatives. We advise that our customers install the latest firmware available.