• Home
  • |
  • Blog
  • |
  • How To Fix The Three New Buffer Overflow Vulnerabilities In Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674)
How to Fix the Three New Buffer Overflow Vulnerabilities in Canon Printers

The world’s popular printers manufacturer, Canon, disclosed three new buffer overflow vulnerabilities in multiple Canon printers. The vulnerabilities are assigned with CVE IDs CVE-2022-24672, CVE-2022-24673, and CVE-2022-24674 are High severity vulnerabilities with a CVSS score of 8.8. We recommend all Canon Printer users read this post as the successful exploitation of these buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on the vulnerable printer modules. Let’s see How to Fix the Three New Buffer Overflow Vulnerabilities in Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674) and secure your Canon printers from these buffer overflow vulnerabilities.

List Of Buffer Overflow Vulnerabilities In Canon Printers:

  1. CVE-2022-24672: A Stack-based Buffer overflow in the CADM service of Canon imageCLASS MF644Cdw printers.
  2. CVE-2022-24673: A Stack-based Buffer overflow in the implementation of the SLP protocol of Canon imageCLASS MF644Cdw printers.
  3. CVE-2022-24674: A Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers.

Summary Of CVE-2022-24672- Buffer Overflow Vulnerabilities In The CADM Service:

The CVE-2022-24672 vulnerability is due to the improper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer in the CADM service. An attacker can leverage this vulnerability to execute code in the service account context. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.

Associated CVE IDCVE-2022-24672
DescriptionA Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers.
Associated ZDI ID
CVSS Score8.8 High
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Adjacent Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Summary Of CVE-2022-24673- Buffer Overflow Vulnerabilities In The Implementation Of The SLP Protocol:

The CVE-2022-24673 vulnerability is due to the improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer in the implementation of the SLP protocol. An attacker can leverage this vulnerability to execute code in the context of root. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.

Associated CVE IDCVE-2022-24673
DescriptionA Stack-based Buffer overflow in the implementation of the SLP protocol of Canon imageCLASS MF644Cdw printers.
Associated ZDI ID
CVSS Score8.8 High
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Adjacent Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Summary Of CVE-2022-24674- Buffer Overflow Vulnerabilities In The Privet API:

The CVE-2022-24674 vulnerability is due to the improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer in the privet API. An attacker can leverage this vulnerability to execute code in the service account context. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.

Associated CVE IDCVE-2022-24674
DescriptionA Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers.
Associated ZDI ID
CVSS Score8.8 High
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score
Exploitability Score
Attack Vector (AV)Adjacent Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Products Affected By These Buffer Overflow Vulnerabilities:

Advisory says that these buffer overflow vulnerabilities affect multiple Canon Laser Printers and Small Office Multifunctional Printer modules. The list would look like this :

imageCLASS MF Series

  • MF1127C
  • MF1238
  • MF445DW/MF448DW/MF449DW/MF543DW
  • MF632CDW/MF634CDW
  • MF641CW/MF642CDW/MF644CDW
  • MF731CDW/MF733CDW/MF735CDW
  • MF741CDW/MF743CDW/MF745CDW/MF746CDW

imageCLASS LBP Series

  • LBP1127C
  • LBP1238
  • LBP226DW/LBP227DW/LBP228DW
  • LBP612CDW
  • LBP622CDW/LBP623CDW
  • LBP654CDW
  • LBP664CDW

Note: The list may change as more investigations happen. Please visit this page for updated information.

How To Fix The Three New Buffer Overflow Vulnerabilities In Canon Printers?

The best solution to fix these buffer overflow vulnerabilities is upgrading the product’s firmware. If you are not in a position to upgrade the firmware anytime soon. It is good to disconnect the printer devices from the internet. If you really need the printer service to be used over the internet, configure the printer behind a firewall or VPN in a secured way. Click on these links to see how to upgrade the firmware. We recommend checking the product’s guide or contact support before upgrading the firmware.

Follow these best practices to secure your printer service on the internet:

  1. Change the default password of the printer to a new complex password.
  2. Enable the passwords for all admin and non-admin accounts.
  3. Configure the printers behind the firewall and VPNs and implement network and access restrictions.
  4. Use the encrypted network channel to connect the printers over the internet.
  5. Disable the ports is not in use.
  6. Set the product’s security function settings as strong as possible.
  7. Keep the firmware version up to date.
  8. Back up the data and configurations settings regularly.

We hope this post will help you know How to Fix the Three New Buffer Overflow Vulnerabilities in Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674). Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

About the author

Arun KL

Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.