CVE-2023-0859

CWE-12853 documents3 sources

Severity

5.3MEDIUM

EPSS

0.1%

top 77.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canon I-sensys Lbp621cw Firmware Canon I-sensys Lbp623cdw Firmware Canon I-sensys Lbp633cdw Firmware +43 more

Timeline

PublishedMay 11

Description

Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:NExploitability: 0.7 | Impact: 1.4

Affected Packages46 packages

▶CVEListV5canon_inc./canon_office/small_office_multifunction_printers_and_laser_printersSatera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.

▶NVDcanon/i-sensys_x_c1127i_firmware11.04

▶NVDcanon/i-sensys_x_c1127if_firmware11.04

▶NVDcanon/i-sensys_x_c1127p_firmware11.04

▶NVDcanon/mf1127c_firmware11.04

🔴Vulnerability Details

CVEList

CVE-2023-0859: Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*)↗2023-05-11

▶

GHSA

GHSA-vpmg-66f3-9f7w: Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*)↗2023-05-11

▶