Table of Contents
  • Home
  • /
  • Blog
  • /
  • How To Fix The Three New Buffer Overflow Vulnerabilities In Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674)
March 22, 2022
|
5m

How To Fix The Three New Buffer Overflow Vulnerabilities In Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674)


How To Fix The Three New Buffer Overflow Vulnerabilities In Canon Printers

The world’s popular printers manufacturer, Canon, disclosed three new buffer overflow vulnerabilities in multiple Canon printers. The vulnerabilities are assigned with CVE IDs CVE-2022-24672, CVE-2022-24673, and CVE-2022-24674 are High severity vulnerabilities with a CVSS score of 8.8. We recommend all Canon Printer users read this post as the successful exploitation of these buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on the vulnerable printer modules. Let’s see How to Fix the Three New Buffer Overflow Vulnerabilities in Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674) and secure your Canon printers from these buffer overflow vulnerabilities.

List Of Buffer Overflow Vulnerabilities In Canon Printers:

  1. CVE-2022-24672: A Stack-based Buffer overflow in the CADM service of Canon imageCLASS MF644Cdw printers.

  2. CVE-2022-24673: A Stack-based Buffer overflow in the implementation of the SLP protocol of Canon imageCLASS MF644Cdw printers.

  3. CVE-2022-24674: A Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers.

Summary Of CVE-2022-24672- Buffer Overflow Vulnerabilities In The CADM Service:

The CVE-2022-24672 vulnerability is due to the improper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer in the CADM service. An attacker can leverage this vulnerability to execute code in the service account context. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.

Associated CVE IDCVE-2022-24672
DescriptionA Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers.
Associated ZDI ID
CVSS Score8.8 High
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Adjacent Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Summary Of CVE-2022-24673- Buffer Overflow Vulnerabilities In The Implementation Of The SLP Protocol:

The CVE-2022-24673 vulnerability is due to the improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer in the implementation of the SLP protocol. An attacker can leverage this vulnerability to execute code in the context of root. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.

Associated CVE IDCVE-2022-24673
DescriptionA Stack-based Buffer overflow in the implementation of the SLP protocol of Canon imageCLASS MF644Cdw printers.
Associated ZDI ID
CVSS Score8.8 High
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Adjacent Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Summary Of CVE-2022-24674- Buffer Overflow Vulnerabilities In The Privet API:

The CVE-2022-24674 vulnerability is due to the improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer in the privet API. An attacker can leverage this vulnerability to execute code in the service account context. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.

Associated CVE IDCVE-2022-24674
DescriptionA Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers.
Associated ZDI ID
CVSS Score8.8 High
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Adjacent Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Products Affected By These Buffer Overflow Vulnerabilities:

Advisory says that these buffer overflow vulnerabilities affect multiple Canon Laser Printers and Small Office Multifunctional Printer modules. The list would look like this :

imageCLASS MF Series

  • MF1127C

  • MF1238

  • MF445DW/MF448DW/MF449DW/MF543DW

  • MF632CDW/MF634CDW

  • MF641CW/MF642CDW/MF644CDW

  • MF731CDW/MF733CDW/MF735CDW

  • MF741CDW/MF743CDW/MF745CDW/MF746CDW

imageCLASS LBP Series

  • LBP1127C

  • LBP1238

  • LBP226DW/LBP227DW/LBP228DW

  • LBP612CDW

  • LBP622CDW/LBP623CDW

  • LBP654CDW

  • LBP664CDW

Note: The list may change as more investigations happen. Please visit this page for updated information.

How To Fix The Three New Buffer Overflow Vulnerabilities In Canon Printers?

The best solution to fix these buffer overflow vulnerabilities is upgrading the product’s firmware. If you are not in a position to upgrade the firmware anytime soon. It is good to disconnect the printer devices from the internet. If you really need the printer service to be used over the internet, configure the printer behind a firewall or VPN in a secured way. Click on these links to see how to upgrade the firmware. We recommend checking the product’s guide or contact support before upgrading the firmware.

Follow these best practices to secure your printer service on the internet:

  1. Change the default password of the printer to a new complex password.

  2. Enable the passwords for all admin and non-admin accounts.

  3. Configure the printers behind the firewall and VPNs and implement network and access restrictions.

  4. Use the encrypted network channel to connect the printers over the internet.

  5. Disable the ports is not in use.

  6. Set the product’s security function settings as strong as possible.

  7. Keep the firmware version up to date.

  8. Back up the data and configurations settings regularly.

We hope this post would help you know How to Fix the Three New Buffer Overflow Vulnerabilities in Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674). Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

You may also like these articles:

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Vulnerabilities

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe