9.8
CRITICAL
CVE-2023-0851
"CPCA Office Printers Unstable Command Execution Vulnerability"
Description

Buffer overflow in the CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*), which may allow an attacker on the network segment to make the affected product unresponsive or to execute arbitrary code.

(*) Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.

INFO

Published Date: May 11, 2023, 1:15 p.m.
Last Modified: Nov. 7, 2023, 4:01 a.m.
Source: f98c90f0-e9bd-4fa7-911b-51993f3571fd
Remotely Exploitable: Yes
Impact Score: 5.9
Exploitability Score: 3.9

Affected Products

The following products are affected by CVE-2023-0851 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product
1 Canon mf1127c_firmware
2 Canon mf641cw_firmware
3 Canon mf642cdw_firmware
4 Canon mf644cdw_firmware
5 Canon mf741cdw_firmware
6 Canon mf743cdw_firmware
7 Canon mf745cdw_firmware
8 Canon mf746cdw_firmware
9 Canon lbp1127c_firmware
10 Canon lbp622cdw_firmware
11 Canon lbp623cdw_firmware
12 Canon lbp664cdw_firmware
13 Canon lbp621c_firmware
14 Canon lbp622c_firmware
15 Canon lbp661c_firmware
16 Canon lbp662c_firmware
17 Canon lbp664c_firmware
18 Canon mf262dw_ii_firmware
19 Canon mf264dw_ii_firmware
20 Canon mf267dw_ii_firmware
21 Canon mf269dw_ii_firmware
22 Canon mf269dw_vp_ii_firmware
23 Canon mf272dw_firmware
24 Canon mf273dw_firmware
25 Canon mf275dw_firmware
26 Canon lbp122dw_firmware
27 Canon imageprograf_tc-20_firmware
28 Canon imageprograf_tc-20m_firmware
29 Canon pixma_g3270_firmware
30 Canon pixma_g4270_firmware
31 Canon maxify_gx3020_firmware
32 Canon maxify_gx4020_firmware
33 Canon i-sensys_lbp621cw_firmware
34 Canon i-sensys_lbp623cdw_firmware
35 Canon i-sensys_lbp633cdw_firmware
36 Canon i-sensys_lbp664cx_firmware
37 Canon i-sensys_mf641cw_firmware
38 Canon i-sensys_mf643cdw_firmware
39 Canon i-sensys_mf645cx_firmware
40 Canon i-sensys_mf742cdw_firmware
41 Canon i-sensys_mf744cdw_firmware
42 Canon i-sensys_mf746cx_firmware
43 Canon i-sensys_x_c1127i_firmware
44 Canon i-sensys_x_c1127if_firmware
45 Canon i-sensys_x_c1127p_firmware

The following table lists the changes that have been made to the CVE-2023-0851 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by f98c90f0-e9bd-4fa7-911b-51993f3571fd

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Source Update by f98c90f0-e9bd-4fa7-911b-51993f3571fd

    Nov. 07, 2023

    Action Type Old Value New Value
    Changed Source MITRE Canon Inc.
  • CVE Modified by f98c90f0-e9bd-4fa7-911b-51993f3571fd

    Nov. 07, 2023

    Action Type Old Value New Value
    Added Reference Canon Inc. https://www.canon-europe.com/support/product-security-latest-news/ [No types assigned]
    Added Reference Canon Inc. https://psirt.canon/advisory-information/cp2023-001/ [No types assigned]
    Added Reference Canon Inc. https://canon.jp/support/support-info/230414vulnerability-response [No types assigned]
    Added Reference Canon Inc. https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow [No types assigned]
    Removed Reference MITRE https://canon.jp/support/support-info/230414vulnerability-response
    Removed Reference MITRE https://psirt.canon/advisory-information/cp2023-001/
    Removed Reference MITRE https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow
    Removed Reference MITRE https://www.canon-europe.com/support/product-security-latest-news/
    Added CWE Canon Inc. CWE-122
    Removed CWE MITRE CWE-122
    Removed CVSS V3.1 MITRE AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added CVSS V3.1 Canon Inc. AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Initial Analysis by [email protected]

    May. 20, 2023

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://canon.jp/support/support-info/230414vulnerability-response No Types Assigned https://canon.jp/support/support-info/230414vulnerability-response Vendor Advisory
    Changed Reference Type https://psirt.canon/advisory-information/cp2023-001/ No Types Assigned https://psirt.canon/advisory-information/cp2023-001/ Vendor Advisory
    Changed Reference Type https://www.canon-europe.com/support/product-security-latest-news/ No Types Assigned https://www.canon-europe.com/support/product-security-latest-news/ Vendor Advisory
    Changed Reference Type https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow No Types Assigned https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow Vendor Advisory
    Added CWE NIST CWE-787
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf642cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf642cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf644cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf644cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf741cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf741cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf743cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf743cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf745cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf745cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp621c_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp621c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp622c_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp622c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp661c_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp661c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp662c_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp662c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp664c_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp664c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf1127c_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf1127c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf262dw_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf262dw_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf264dw_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf264dw_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf267dw_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf267dw_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf269dw_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf269dw_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf269dw_vp_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf269dw_vp_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf272dw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf272dw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf273dw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf273dw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf275dw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf275dw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf641cw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf641cw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:mf746cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:mf746cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp122dw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp122dw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp1127c_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp1127c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp622cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp622cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp623cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp623cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:lbp664cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:lbp664cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:imageprograf_tc-20_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:imageprograf_tc-20:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:imageprograf_tc-20m_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:imageprograf_tc-20m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:pixma_g3270_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:pixma_g3270:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:pixma_g4270_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:pixma_g4270:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:maxify_gx3020_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:maxify_gx3020:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:maxify_gx4020_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:maxify_gx4020:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_lbp621cw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_lbp621cw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_lbp623cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_lbp623cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_lbp633cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_lbp633cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_lbp664cx_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_lbp664cx:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_mf641cw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_mf641cw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_mf643cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_mf643cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_mf645cx_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_mf645cx:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_mf742cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_mf742cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_mf744cdw_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_mf744cdw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_mf746cx_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_mf746cx:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_x_c1127i_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_x_c1127i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_x_c1127if_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_x_c1127if:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:i-sensys_x_c1127p_firmware:*:*:*:*:*:*:*:* versions up to (including) 11.04 OR cpe:2.3:h:canon:i-sensys_x_c1127p:-:*:*:*:*:*:*:*
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-0851 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-0851 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.37 0.05% score

0.72523 percentile

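CVSS31 - Vulnerability Scoring System

Vector, as recorded in the change history above: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High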