
Thank you for using Canon products. Canon U.S.A., Inc. has recently become aware of a potential buffer overflow vulnerability in the WSD protocol process for certain Canon Laser Printers and Small Office Multifunctional Printers listed under Affected models below. If the product is connected directly to the Internet without using a wired or Wi-Fi router, a third party could potentially execute arbitrary code, or the product could be subjected to a Denial-of-Service (DoS) attack via the Internet. Affected models: imageCLASS MF Series • MF1127C • MF1333C • MF644Cdw / MF642dw / MF641Cw • MF746Cdw / MF745Cdw/ MF743Cdw / MF741Cdw • MF753Cdw / MF751Cdw imageCLASS LBP Series • LBP1127C • LBP1333C • LBP623Cdw / LBP622Cdw • LBP664Cdw • LBP674Cdw CVE/CVSS: CVE-2024-2184: Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers CVSS v3 CVSS: 3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8 Mitigation/Remediation: We recommend that our customers set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access. Please refer here for more details on securing products when connecting to a network. In addition, we recommend that our customers install the latest firmware available using the instructions set forth below. To update the firmware via the Internet, take the following steps from the printer: Touch Panel Model
Contact Information Should you have any questions about the announcement, please contact the Authorized Service Facility in your area or you may contact the Call Center within your region. |