Table of Contents
March 22, 2022
|5m
How To Fix The Three New Buffer Overflow Vulnerabilities In Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674)
The world’s popular printers manufacturer, Canon, disclosed three new buffer overflow vulnerabilities in multiple Canon printers. The vulnerabilities are assigned with CVE IDs CVE-2022-24672, CVE-2022-24673, and CVE-2022-24674 are High severity vulnerabilities with a CVSS score of 8.8. We recommend all Canon Printer users read this post as the successful exploitation of these buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on the vulnerable printer modules. Let’s see How to Fix the Three New Buffer Overflow Vulnerabilities in Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674) and secure your Canon printers from these buffer overflow vulnerabilities.
List Of Buffer Overflow Vulnerabilities In Canon Printers:
CVE-2022-24672: A Stack-based Buffer overflow in the CADM service of Canon imageCLASS MF644Cdw printers.
CVE-2022-24673: A Stack-based Buffer overflow in the implementation of the SLP protocol of Canon imageCLASS MF644Cdw printers.
CVE-2022-24674: A Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers.
Summary Of CVE-2022-24672- Buffer Overflow Vulnerabilities In The CADM Service:
The CVE-2022-24672 vulnerability is due to the improper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer in the CADM service. An attacker can leverage this vulnerability to execute code in the service account context. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.
| Associated CVE ID | CVE-2022-24672 |
| Description | A Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers. |
| Associated ZDI ID | – |
| CVSS Score | 8.8 High |
| Vector | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Impact Score | – |
| Exploitability Score | – |
| Attack Vector (AV) | Adjacent Network |
| Attack Complexity (AC) | Low |
| Privilege Required (PR) | None |
| User Interaction (UI) | None |
| Scope | Unchanged |
| Confidentiality (C) | High |
| Integrity (I) | High |
| availability (a) | High |
Summary Of CVE-2022-24673- Buffer Overflow Vulnerabilities In The Implementation Of The SLP Protocol:
The CVE-2022-24673 vulnerability is due to the improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer in the implementation of the SLP protocol. An attacker can leverage this vulnerability to execute code in the context of root. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.
| Associated CVE ID | CVE-2022-24673 |
| Description | A Stack-based Buffer overflow in the implementation of the SLP protocol of Canon imageCLASS MF644Cdw printers. |
| Associated ZDI ID | – |
| CVSS Score | 8.8 High |
| Vector | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Impact Score | – |
| Exploitability Score | – |
| Attack Vector (AV) | Adjacent Network |
| Attack Complexity (AC) | Low |
| Privilege Required (PR) | None |
| User Interaction (UI) | None |
| Scope | Unchanged |
| Confidentiality (C) | High |
| Integrity (I) | High |
| availability (a) | High |
Summary Of CVE-2022-24674- Buffer Overflow Vulnerabilities In The Privet API:
The CVE-2022-24674 vulnerability is due to the improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer in the privet API. An attacker can leverage this vulnerability to execute code in the service account context. These buffer overflow vulnerabilities would allow attackers to perform arbitrary code execution, remote code execution, and Denial-of-Service (DoS) attacks on affected installations of Canon imageCLASS MF644Cdw printer modules.
| Associated CVE ID | CVE-2022-24674 |
| Description | A Stack-based Buffer overflow in the privet API of Canon imageCLASS MF644Cdw printers. |
| Associated ZDI ID | – |
| CVSS Score | 8.8 High |
| Vector | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Impact Score | – |
| Exploitability Score | – |
| Attack Vector (AV) | Adjacent Network |
| Attack Complexity (AC) | Low |
| Privilege Required (PR) | None |
| User Interaction (UI) | None |
| Scope | Unchanged |
| Confidentiality (C) | High |
| Integrity (I) | High |
| availability (a) | High |
Products Affected By These Buffer Overflow Vulnerabilities:
Advisory says that these buffer overflow vulnerabilities affect multiple Canon Laser Printers and Small Office Multifunctional Printer modules. The list would look like this :
imageCLASS MF Series
MF1127C
MF1238
MF445DW/MF448DW/MF449DW/MF543DW
MF632CDW/MF634CDW
MF641CW/MF642CDW/MF644CDW
MF731CDW/MF733CDW/MF735CDW
MF741CDW/MF743CDW/MF745CDW/MF746CDW
imageCLASS LBP Series
LBP1127C
LBP1238
LBP226DW/LBP227DW/LBP228DW
LBP612CDW
LBP622CDW/LBP623CDW
LBP654CDW
LBP664CDW
Note: The list may change as more investigations happen. Please visit this page for updated information.
How To Fix The Three New Buffer Overflow Vulnerabilities In Canon Printers?
The best solution to fix these buffer overflow vulnerabilities is upgrading the product’s firmware. If you are not in a position to upgrade the firmware anytime soon. It is good to disconnect the printer devices from the internet. If you really need the printer service to be used over the internet, configure the printer behind a firewall or VPN in a secured way. Click on these links to see how to upgrade the firmware. We recommend checking the product’s guide or contact support before upgrading the firmware.
Follow these best practices to secure your printer service on the internet:
Change the default password of the printer to a new complex password.
Enable the passwords for all admin and non-admin accounts.
Configure the printers behind the firewall and VPNs and implement network and access restrictions.
Use the encrypted network channel to connect the printers over the internet.
Disable the ports is not in use.
Set the product’s security function settings as strong as possible.
Keep the firmware version up to date.
Back up the data and configurations settings regularly.
We hope this post would help you know How to Fix the Three New Buffer Overflow Vulnerabilities in Canon Printers- (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674). Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.
Arun KL
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
