CVE-2024-2184
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.:Satera MF740C Series/Satera MF640C Series/Satera LBP660C Series/Satera LBP620C Series firmware v12.07 and earlier, and Satera MF750C Series/Satera LBP670C Series firmware v03.09 and earlier sold in Japan.Color imageCLASS MF740C Series/Color imageCLASS MF640C Series/Color imageCLASS X MF1127C/Color imageCLASS LBP664Cdw/Color imageCLASS LBP622Cdw/Color imageCLASS X LBP1127C firmware v12.07 and earlier, and Color imageCLASS MF750C Series/Color imageCLASS X MF1333C/Color imageCLASS LBP674Cdw/Color imageCLASS X LBP1333C firmware v03.09 and earlier sold in US.i-SENSYS MF740C Series/i-SENSYS MF640C Series/C1127i Series/i-SENSYS LBP660C Series/i-SENSYS LBP620C Series/C1127P firmware v12.07 and earlier, and i-SENSYS MF750C Series/C1333i Series/i-SENSYS LBP673Cdw/C1333P firmware v03.09 and earlier sold in Europe.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Canon Inc. | Color imageCLASS MF740C Series | v12.07 and earlier | affected |
| Canon Inc. | Color imageCLASS MF640C Series | v12.07 and earlier | affected |
| Canon Inc. | i-SENSYS MF740C Series | v12.07 and earlier | affected |
| Canon Inc. | i-SENSYS MF640C Series | v12.07 and earlier | affected |
| Canon Inc. | Satera MF740C Series | v12.07 and earlier | affected |
| Canon Inc. | Satera MF640C Series | v12.07 and earlier | affected |
| Canon Inc. | Color imageCLASS X MF1127C | v12.07 and earlier | affected |
| Canon Inc. | C1127i Series | v12.07 and earlier | affected |
| Canon Inc. | Color imageCLASS LBP664Cdw | v12.07 and earlier | affected |
| Canon Inc. | Color imageCLASS LBP622Cdw | v12.07 and earlier | affected |
| Canon Inc. | i-SENSYS LBP660C Series | v12.07 and earlier | affected |
| Canon Inc. | i-SENSYS LBP620C Series | v12.07 and earlier | affected |
| Canon Inc. | Satera LBP660C Series | v12.07 and earlier | affected |
| Canon Inc. | Satera LBP620C Series | v12.07 and earlier | affected |
| Canon Inc. | Color imageCLASS X LBP1127C | v12.07 and earlier | affected |
| Canon Inc. | C1127P | v12.07 and earlier | affected |
| Canon Inc. | Color imageCLASS MF750C Series | v03.09 and earlier | affected |
| Canon Inc. | i-SENSYS MF750C Series | v03.09 and earlier | affected |
| Canon Inc. | Satera MF750C Series | v03.09 and earlier | affected |
| Canon Inc. | Color imageCLASS X MF1333C | v03.09 and earlier | affected |
| Canon Inc. | C1333i Series | v03.09 and earlier | affected |
| Canon Inc. | Color imageCLASS LBP674Cdw | v03.09 and earlier | affected |
| Canon Inc. | i-SENSYS LBP673Cdw | v03.09 and earlier | affected |
| Canon Inc. | Satera LBP670C Series | v03.09 and earlier | affected |
| Canon Inc. | Color imageCLASS X LBP1333C | v03.09 and earlier | affected |
| Canon Inc. | C1333P | v03.09 and earlier | affected |
Weaknesses
- CWE-787: CWE-787: Out-of-bounds Write
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.