Canon Alert: Critical vulnerabilities in Canon printers

On February 5, 2024 Canon warned that several vulnerabilities have been discovered in certain SOHO multifunction and laser printers. If a product is connected to the Internet without a router, attackers can push arbitrary code onto the affected devices without prior authentication.

Canon’s according safety announcement is extremely brief and tight-lipped. The gaps also allow devices to be paralyzed via a denial of service over the Internet. Canon names a total of seven security gaps, without going into any details or specifying the specific severity level, for example according to CVSS.

Canon: SOHO printer with critical gaps

Canon lists the CVE numbers for each vulnerability. Their CVE entries explain the security leaks and affected printers in more detail. All seven gaps achieve a CVS value of 9.8 and are therefore considered a critical risk level.

The CVE entries

CVE-2023-6229: Buffer overflow in CPCA PDL resource download process, CVSS 9.8, critical
CVE-2023-6230: Buffer overflow in address book password authentication process, CVSS 9.8, critical
CVE-2023-6231: Buffer overflow in WSD requests, CVSS 9.8, critical
CVE-2023-6232: Buffer overflow in address book authentication process for username, CVSS 9.8, critical
CVE-2023-6233: Buffer overflow in SLP attribute request process, CVSS 9.8, critical
CVE-2023-6234: Buffer overflow in CPCA Color LUT resource download, CVSS 9.8, critical
CVE-2024-0244: Buffer overflow in CPCA PCFAX number processing, CVSS 9.8, critical

The affected printer models differ by region. In Japan there are the Satera LBP670C and Satera MF750C series, in the USA the Color imageCLASS LBP674C, X LBP1333C, MF750C and In all of the series mentioned, devices with firmware versions up to and including v03.07 and older are vulnerable to the misuse of the security gaps.

Canon wants to upload updated firmware versions to the support pages, which affected customers with the printer series mentioned should download and install. The manufacturer also recommends that the printers be assigned a private IP address and operated behind a firewall or a wired or WiFi router. These can restrict network access.

For the moment Canon recommends users to set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that restricts network access.

To mitigate security risks in general, it is essential to implement suitable settings and utilize your products within a secure environment. Canon offers more assistance on securing products when connecting to a network here.