Regarding Vulnerability Measure against Buffer Overflow for Laser Printers and Small Office Multifunction Printers

Thank you for using Canon Products.

Multiple cases of buffer overflow vulnerabilities have been found for Canon Laser Printers and Small Office Multifunction Printers.

These vulnerabilities indicate the possibility that if a product is connected directly to the Internet without using a router (wired or Wi-Fi), an unauthenticated remote attacker via the Internet may be able to execute arbitrary code and/or may be able to target the product in a Denial-of Service (DoS) attack.

Buffer Overflow
CVE-2023-6229
CVE-2023-6230
CVE-2023-6231
CVE-2023-6232
CVE-2023-6233
CVE-2023-6234
CVE-2024-0244

There have been no reports of damage relating to this vulnerability. However, to enhance the security of the product, we advise customers to install the latest firmware available for the Affected Models provided below.

We also recommend customers to set a private IP address for the products and create a network environment with a firewall or Wired/Wi-Fi router that can restrict network access.

For details, please refer to the following link.

We will work towards further strengthening security measures to ensure that customers can continue using Canon products with peace of mind.

Affected Products:
Small Office MFP/LBP, please click here.
Business Multifunction Devices, please click here.

We will continue to update customers on any vulnerability detected in other products.

Contact Information for Inquiries:
Please contact your nearest service centre if you have any queries.

First Posted on 5 Feb 2024

Affected Products

Small Office MFP/LBP

imageCLASS LBP

Please click here for latest firmware available for the Affected Models.

Product Model	CVE- 2023-6229	CVE- 2023-6230	CVE- 2023-6231	CVE- 2023-6232	CVE- 2023-6233	CVE- 2023-6234	CVE- 2024-0244
LBP121dn	YES	YES	YES	YES	YES	YES	-
LBP122dw	YES	YES	YES	YES	YES	YES	-
LBP243dw	YES	YES	YES	YES	YES	YES	-
LBP246dw	YES	YES	YES	YES	YES	YES	-
LBP248x	YES	YES	YES	YES	YES	YES	-
LBP621Cw	YES	YES	YES	YES	YES	YES	-
LBP623Cdw	YES	YES	YES	YES	YES	YES	-
LBP664Cx	YES	YES	YES	YES	YES	YES	-
LBP673Cdw	YES	YES	YES	YES	YES	YES	-
LBP674Cx	YES	YES	YES	YES	YES	YES	-

imageCLASS MF

Please click here for latest firmware available for the Affected Models.

Product Model	CVE- 2023-6229	CVE- 2023-6230	CVE- 2023-6231	CVE- 2023-6232	CVE- 2023-6233	CVE- 2023-6234	CVE- 2024-0244
MF271dn	YES	YES	YES	YES	YES	YES	-
MF272dw	YES	YES	YES	YES	YES	YES	-
MF274dn	YES	YES	YES	YES	YES	YES	-
MF275dw	YES	YES	YES	YES	YES	YES	-
MF461dw	YES	YES	YES	YES	YES	YES	-
MF465dw	YES	YES	YES	YES	YES	YES	-
MF469x	YES	YES	YES	YES	YES	YES	-
MF641Cw	YES	YES	YES	YES	YES	YES	-
MF642Cdw	YES	YES	YES	YES	YES	YES	-
MF643Cdw	YES	YES	YES	YES	YES	YES	-
MF644Cdw	YES	YES	YES	YES	YES	YES	YES
MF645Cx	YES	YES	YES	YES	YES	YES	YES
MF746Cx	YES	YES	YES	YES	YES	YES	YES
MF752Cdw	YES	YES	YES	YES	YES	YES	-
MF756Cx	YES	YES	YES	YES	YES	YES	YES

Business Multifunction Devices

imageRUNNER

(Please contact your nearest service centre if you have any queries.)

Product Model	CVE- 2023-6229	CVE- 2023-6230	CVE- 2023-6231	CVE- 2023-6232	CVE- 2023-6233	CVE- 2023-6234	CVE- 2024-0244
imageRUNNER 1643i II	YES	YES	YES	YES	YES	YES	-
imageRUNNER 1643iF II	YES	YES	YES	YES	YES	YES	-

Regarding Vulnerability Measure against Buffer Overflow for Laser Printers and Small Office Multifunction Printers - Canon Indonesia

09 Apr 2024 (Updated)