Product Advisories

Print This PageEmail This Page

Service Notice: Vulnerabilities Remediation Against Buffer Overflow for Canon Laser Printer/Inkjet Printer and Small Office Multifunctional Printers

Thank you for using Canon products.

Canon U.S.A., Inc. has recently become aware of potential multiple buffer overflow vulnerabilities in the Canon Laser Printers/Inkjet Printers and Small Office Multifunctional Printers listed under Affected models below. If the product is connected directly to the internet without using a wired or Wi-Fi router, a third party could potentially execute arbitrary code or the product could be subjected to a Denial-of-Service (DoS) attack. In addition, there is the potential for arbitrary files to be installed by a third party due to improper authentication of the Remote User Interface (printer web portal).

Buffer Overflow
• CVE-2023-0851
• CVE-2023-0852
• CVE-2023-0853
• CVE-2023-0854
• CVE-2023-0855
• CVE-2023-0856
• CVE-2022-43974
• CVE-2022-43608

Problems During Initial Registration of System Administrators in Control Protocols
• CVE-2023-0857

Improper authentication of the printer’s web portal
• CVE-2023-0858

Installation of arbitrary files
• CVE-2023-0859

Affected Products

imageCLASS MF Series
Color imageCLASS X MF1127C
Color imageCLASS X C1127i
Color imageCLASS MF644Cdw
Color imageCLASS MF645Cx
Color imageCLASS MF746Cdw
Color imageCLASS MF746Cx

imageCLASS LBP Series
Color imageCLASS X LBP1127C
Color imageCLASS X C1127P
Color imageCLASS LBP622Cdw
Color imageCLASS LBP623Cdw
Color imageCLASS LBP664Cdw
Color imageCLASS LBP664Cx

Note: If we determine that additional products could potentially be impacted by this matter, we will issue an updated Service Notice.

Please click your product from the list above or proceed to or click on the Affected model link above to navigate to the latest firmware. Once here, select Firmware and download and install the latest version.

Furthermore, if you have not done so already, we recommend that you set up a private IP address for products and create a network environment with a firewall or Wi-Fi router that can restrict network access.

In addition, please check “Regarding security for products connected to a network” in the URL below for other security measures that can be used with your Canon products.

Contact Information
Should you have any questions about the announcement, please contact the Authorized Service Facility in your area or you may contact the Call Center within your region.