CVE-2020-16849

An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
canonmf237w_firmware
06.07
canonmf113w_firmware
-
canonmf212w_firmware
-
canonmf216n_firmware
-
canonmf217w_firmware
-
canonmf226dn_firmware
-
canonmf229dw_firmware
-
canonmf231_firmware
-
canonmf232w_firmware
-
canonmf244dw_firmware
-
canonmf247dw_firmware
-
canonmf249dw_firmware
-
canonmf264dw_firmware
-
canonmf267dw_firmware
-
canonmf269dw_firmware
-
canonmf4570dn_firmware
-
canonmf4580dn_firmware
-
canonmf4780w_firmware
-
canonmf4870dn_firmware
-
canonmf4890dw_firmware
-
canonlbp113w_firmware
-
canonlbp151dw_firmware
-
canonlbp162dw_firmware
-
canonir2202n_firmware
-
canonir2204n_firmware
-
canonir2204f_firmware
-
canonir2206n_firmware
-
canonir2206if_firmware
-
𝑥
= Vulnerable software versions
References
https://blog.scadafence.com/vulnerability-report-cve-2020-16849
https://www.canon-europe.com/support/product-security/
https://blog.scadafence.com/vulnerability-report-cve-2020-16849
https://www.canon-europe.com/support/product-security/