Summary: Canon has issued a critical security advisory regarding multiple buffer overflow vulnerabilities in its Laser Printers and Small Office Multifunction Printers, with a high CVSS score of 9.8. These vulnerabilities could allow attackers to execute arbitrary code or launch Denial-of-Service (DoS) attacks, primarily affecting devices exposed to the Internet. Canon advises customers to take immediate action by updating firmware and securing their network configurations to mitigate risks.
Affected: Canon Laser Printers and Small Office Multifunction Printers
Keypoints:
- Vulnerabilities are tracked under CVEs: CVE-2024-12647, CVE-2024-12648, and CVE-2024-12649.
- Direct internet exposure of affected devices increases security risks.
- Recommended actions include placing devices on a private network, updating firmware, and securing the network environment.
- Specific printer models affected include Satera, Color imageCLASS, and i-SENSYS series across Japan, the US, and Europe.
- Additional products may be affected, with updates to be issued as necessary.
Source: https://securityonline.info/cve-2024-12647-cvss-9-8-canon-printers-at-risk-of-remote-code-execution/