Canon Small Office Multifunction Printers and Laser Printers Buffer Overflow Vulnerability in XML Processing of XPS Files

A buffer overflow vulnerability has been identified in the XML processing of XPS files on certain Canon Small Office Multifunction Printers and Laser Printers. This vulnerability affects models in the Satera LBP670C Series, Satera MF750C Series, Color imageCLASS LBP630C, Color imageCLASS MF650C Series, imageCLASS LBP230 Series, imageCLASS X LBP1238 II, imageCLASS MF450 Series, imageCLASS X MF1238 II, imageCLASS X MF1643i II, imageCLASS X MF1643iF II, and several i-SENSYS LBP630C Series, MF650C Series, LBP230 Series, 1238P II, 1238Pr II, MF450 Series, MF550 Series, 1238i II, 1238iF II, imageRUNNER 1643i II, and imageRUNNER 1643iF II models, all with firmware version 06.02 or earlier. The vulnerability may allow an attacker on the same network segment to cause the printer to become unresponsive or to execute arbitrary code.

Impact

Exploitation of this vulnerability could lead to a buffer overflow, allowing for arbitrary code execution or causing the printer to become unresponsive.

Remediation

Users are advised to update to the latest firmware version and to connect the printer through a firewall or router to restrict network access. Firmware updates can be downloaded from the Canon Support website or through the printer's management settings.