Canon PSIRT Logo

Vulnerability Mitigation /Remediation Against Buffer Overflow for Laser Printers and Small Office Multifunction Printers

Vulnerability Mitigation /Remediation Against Buffer Overflow for Laser Printers and Small Office Multifunction Printers

November 25, 2022
Canon Inc.
 
 
A buffer overflow vulnerability was found for certain Canon Laser Printers and Small Office Multifunction Printers. (CVE-2022-43608)
 
This vulnerability indicates the possibility that if a product is connected directly to the Internet without using a router (wired or Wi-Fi), an unauthenticated remote attacker via the Internet may be able to execute arbitrary code and/or may be able to target the product in a Denial-of Service (DoS) attack.
 
It is recommended to set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access, please refer here. Firmware designed to address this issue will be uploaded on websites of your local Canon sales representatives accordingly. Please be advised to update the firmware to the latest released version.