Posted on 5 February 2023
Updated 1 April 2023
Multiple cases of buffer overflow vulnerabilities have been confirmed for Canon Laser Printers and Small Office Multifunction Printers (Refer to affected models shown below).
(CVE-2023-6229/6230/6231/6232/6233/6234, CVE-2024-0244)
This vulnerability suggest the possibility that if a product is connected directly to the Internet without using a wired or Wi-Fi router, a third party on the Internet may execute arbitrary code or the product could be subjected to Denial-of Service (DoS) attack.
We have not received any report of damage to date.
For the safety of your products, please update the firmware (for products mentioned below) to the latest version.
In addition, please do not connect directly to the Internet. Instead, set a private IP address on a secure private network configured via firewall product or a wired/Wi-Fi router.
For details, please refer to the following link.
We will work to further strengthen security measures to ensure that customers can continue using Canon products with peace of mind.
Affected Products:
Product Name | CVE-2023-6229 | CVE-2023-6230 | CVE-2023-6231 | CVE-2023-6232 | CVE-2023-6223 | CVE-2023-6234 | CVE-2024-0244 | Countermeasure firmware version |
---|---|---|---|---|---|---|---|---|
MF746CX / C1127IF | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | V13.01 |
LBP664CX | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | V13.01 | |
MF756CX | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | V04.01 |
C1333IF | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | V04.01 |
MF753CX | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | V03.09 or Later |
LBP674CX | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | V04.01 | |
IR1643IFII | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | v04.01 or Later | |
ICX1440P / ICX1440IF / LBP243DW / MF465DW | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | v03.02 or Later |
As soon as we confirm the vulnerability of other products, we will inform you immediately on this page.