Regarding Vulnerability Measure against Buffer Overflow for Laser Printers and Small Office Multifunction Printers - Canon India

Thank you for using Canon Products.

Multiple cases of buffer overflow vulnerabilities have been found for Canon Laser Printers and Small Office Multifunction Printers.

These vulnerabilities indicate the possibility that if a product is connected directly to the Internet without using a router (wired or Wi-Fi), an unauthenticated remote attacker via the Internet may be able to execute arbitrary code and/or may be able to target the product in a Denial-of Service (DoS) attack.

Buffer Overflow
CVE-2023-6229
CVE-2023-6230
CVE-2023-6231
CVE-2023-6232
CVE-2023-6233
CVE-2023-6234
CVE-2024-0244

There have been no reports of damage relating to this vulnerability. However, to enhance the security of the product, we advise customers to install the latest firmware available for the Affected Models provided below.

We also recommend customers to set a private IP address for the products and create a network environment with a firewall or Wired/Wi-Fi router that can restrict network access.

For details, please refer  to the following link.

We will work towards further strengthening security measures to ensure that customers can continue using Canon products with peace of mind.

Affected Products:
Small Office MFP/LBP,  please click here.
Business Multifunction Devices,  please click here.

We will continue to update customers on any vulnerability detected in other products.

Contact Information for Inquiries:
Please contact your nearest service centre if you have any queries.

First Posted on 5 Feb 2024