Canon Mf644Cdw Firmware vulnerabilities

10 known vulnerabilities affecting canon/mf644cdw_firmware.

Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2023-0851CRITICALCVSS 9.8≤ 11.042023-05-11
CVE-2023-0851 [CRITICAL] CWE-122 CVE-2023-0851: Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers an Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier s
nvd
CVE-2023-0854CRITICALCVSS 9.8≤ 11.042023-05-11
CVE-2023-0854 [CRITICAL] CWE-122 CVE-2023-0854: Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Mult Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ve
nvd
CVE-2023-0852CRITICALCVSS 9.8≤ 11.042023-05-11
CVE-2023-0852 [CRITICAL] CWE-121 CVE-2023-0852: Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 a
nvd
CVE-2023-0855CRITICALCVSS 9.8≤ 11.042023-05-11
CVE-2023-0855 [CRITICAL] CWE-121 CVE-2023-0855: Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers a Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier
nvd
CVE-2023-0853CRITICALCVSS 9.8≤ 11.042023-05-11
CVE-2023-0853 [CRITICAL] CWE-121 CVE-2023-0853: Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Print Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and ear
nvd
CVE-2023-0856CRITICALCVSS 9.8≤ 11.042023-05-11
CVE-2023-0856 [CRITICAL] CWE-121 CVE-2023-0856: Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and L Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold
nvd
CVE-2023-0857HIGHCVSS 7.5≤ 11.042023-05-11
CVE-2023-0857 [MEDIUM] CWE-286 CVE-2023-0857: Unintentional change of settings during initial registration of system administrators which uses con Unintentional change of settings during initial registration of system administrators which uses control protocols. The affected Office / Small Office Multifunction Printers and Laser Printers(*) may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Serie
nvd
CVE-2023-0858MEDIUMCVSS 5.3≤ 11.042023-05-11
CVE-2023-0858 [LOW] CWE-284 CVE-2023-0858: Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printe Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620
nvd
CVE-2023-0859MEDIUMCVSS 5.3≤ 11.042023-05-11
CVE-2023-0859 [LOW] CWE-1285 CVE-2023-0859: Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multif Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmw
nvd
CVE-2022-43608HIGHCVSS 8.8v10.032023-03-29
CVE-2022-43608 [HIGH] CWE-190 CVE-2022-43608: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.03 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of proper validation of user-supplied data, which can resul
nvd