February 6, 2024 at 09:00AM
Canon announced software updates to patch seven critical vulnerabilities impacting small office printer models. These buffer overflow bugs can be exploited for remote code execution or to cause unresponsiveness. The flaws, with a CVSS score of 9.8, affect various printer components and specific models globally. Customers are advised to install the latest firmware and restrict printer access.
Key takeaways from the meeting notes:
– Canon announced software updates to patch seven critical-severity vulnerabilities affecting several small office printer models.
– The vulnerabilities can be exploited for remote code execution (RCE) or to cause the printer to become unresponsive.
– The flaws have a CVSS score of 9.8 and were reported through Trend Micro’s Zero Day Initiative (ZDI).
– Vulnerable printer models include i-SENSYS LBP673Cdw, MF752Cdw, MF754Cdw, C1333i, C1333iF, and C1333P series in Europe, imageCLASS MF753CDW, MF751CDW, MF1333C, LBP674CDW, and LBP1333C series in North America, and Satera LBP670C and MF750C series in Japan.
– Firmware versions 03.07 and earlier are impacted, and updates are available on Canon’s regional websites.
– Customers are advised to install the latest firmware, restrict printer access behind a firewall or router, and set a private IP address for the printers to enhance security.
Let me know if there is anything else you need.