CVE-2024-2184

EUVD-2024-27146

11.03.2024, 01:15

Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF740C Series/Satera MF640C Series/Satera LBP660C Series/Satera LBP620C Series firmware v12.07 and earlier, and Satera MF750C Series/Satera LBP670C Series firmware v03.09 and earlier sold in Japan.Color imageCLASS MF740C Series/Color imageCLASS MF640C Series/Color imageCLASS X MF1127C/Color imageCLASS LBP664Cdw/Color imageCLASS LBP622Cdw/Color imageCLASS X LBP1127C firmware v12.07 and earlier, and Color imageCLASS MF750C Series/Color imageCLASS X MF1333C/Color imageCLASS LBP674Cdw/Color imageCLASS X LBP1333C firmware v03.09 and earlier sold in US.i-SENSYS MF740C Series/i-SENSYS MF640C Series/C1127i Series/i-SENSYS LBP660C Series/i-SENSYS LBP620C Series/C1127P firmware v12.07 and earlier, and i-SENSYS MF750C Series/C1333i Series/i-SENSYS LBP673Cdw/C1333P firmware v03.09 and earlier sold in Europe.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 32%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
canon	color_imageclass_mf740c_series	𝑥 ≤ 12..07	ADP
canon	color_imageclass_mf640c_series	𝑥 ≤ 12.07	ADP
canon	i-sensys_mf740c_series	𝑥 ≤ 12.07	ADP
canon	i-sensys_mf640c_series	𝑥 ≤ 12.07	ADP
canon	satera_mf740c_series	𝑥 ≤ 12.07	ADP
canon	color_imageclass_x_mf1127c	𝑥 ≤ 12.07	ADP
canon	color_imageclass_lbp664cdw	𝑥 ≤ 12.07	ADP
canon	c1127i_series	𝑥 ≤ 12.07	ADP
canon	color_imageclass_lbp622cdw	𝑥 ≤ 12.07	ADP
canon	i-sensys_lbp660c_series	𝑥 ≤ 12.07	ADP
canon	i-sensys_lbp620c_series	𝑥 ≤ 12.07	ADP
canon	i-sensys_mf750c_series	𝑥 ≤ 03.09	ADP
canon	color_imageclass_x_lbp1333c	𝑥 ≤ 03.09	ADP
canon	i-sensys_lbp673cdw	𝑥 ≤ 03.09	ADP
canon	satera_lbp670c_series	𝑥 ≤ 03.09	ADP
canon	c1333p	𝑥 ≤ 03.09	ADP
canon	satera_mf640c_series	𝑥 ≤ 12.07	ADP
canon	satera_lbp620c_series	𝑥 ≤ 12.07	ADP
canon	satera_lbp660c_series	𝑥 ≤ 12.07	ADP
canon	color_imageclass_x_lbp1127c	𝑥 ≤ 12.07	ADP
canon	color_imageclass_mf750c_series	𝑥 ≤ 03.09	ADP
canon	c1127p	𝑥 ≤ 12.07	ADP
canon	satera_mf750c_series	𝑥 ≤ 03.09	ADP
canon	color_imageclass_x_mf1333c	𝑥 ≤ 03.09	ADP
canon	c1333i_series	𝑥 ≤ 03.09	ADP
canon	color_imageclass_lbp674cdw	𝑥 ≤ 03.09	ADP

Common Weakness Enumeration

CWE-787 - Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.

References

https://psirt.canon/advisory-information/cp2024-002/