Regarding Vulnerability Measure Against Buffer Overflow for Laser Printers/Inkjet Printers and Small Office Multifunction Printers - Canon Malaysia

28 Apr 2022 (Updated)

    Regarding Vulnerability Measure Against Buffer Overflow for Laser Printers/Inkjet Printers and Small Office Multifunction Printers

    Thank you for using Canon Products.

    Multiple cases of buffer overflow vulnerability have been detected for Canon Laser Printers/Inkjet Printers and Small Office Multifunction Printers listed under Affected Models below. (CVE-2022-24672, CVE-2022-24673, CVE-2022-24674)

    This vulnerability suggests the possibility that if a product is connected directly to the Internet without using a router (wired or Wi-Fi), a party may be able to execute arbitrary code and/or subject the product to Denial-of Service (DoS) attack.

    There have been no reports of damage relating to this vulnerability. However, to enhance the security of the product, we advise customers to install the latest firmware available for the Affected Models provided below.

    We also recommend customers to set a private IP address for the products and create a network environment with a firewall or Wired/Wi-Fi router that can restrict network access.

    For more details on securing products when connected to a network, please visit here.

    We continue to review and strengthen security measures for our products to ensure that customers can continue using Canon products with peace of mind.

    Affected Products:

    Model Name Related Product Supports
    imageRUNNER 1435, imageRUNNER 1435iF Please contact your nearest service centre for firmware update support.
    imageRUNNER 1643i II, imageRUNNER 1643iF II Please contact your nearest service centre for firmware update support.
    imageRUNNER 1643i, imageRUNNER 1643iF Please contact your nearest service centre for firmware update support.
    imageRUNNER C1325 Please contact your nearest service centre for firmware update support.
    imageRUNNER C3020 Please contact your nearest service centre for firmware update support.
    imageRUNNER C3120 Please contact your nearest service centre for firmware update support.
    imageRUNNER C3222L Please contact your nearest service centre for firmware update support.
    LBP226Dw Download latest firmware here
    LBP228x Download latest firmware here
    LBP611Cn Download latest firmware here
    LBP613Cdw Download latest firmware here
    LBP621Cw Download latest firmware here
    LBP623Cdw Download latest firmware here
    LBP654Cx Download latest firmware here
    LBP664Cx Download latest firmware here
    imageCLASS MF445dw Download latest firmware here
    imageCLASSMF449x Download latest firmware here
    imageCLASSMF543x Download latest firmware here
    imageCLASSMF631Cn Download latest firmware here
    imageCLASSMF632Cdw Download latest firmware here
    imageCLASSMF633Cdw Download latest firmware here
    imageCLASSMF635Cx Download latest firmware here
    imageCLASSMF641Cw Download latest firmware here
    imageCLASSMF642Cdw Download latest firmware here
    imageCLASSMF643Cdw Download latest firmware here
    imageCLASSMF644Cdw Download latest firmware here
    imageCLASSMF645Cx Download latest firmware here
    imageCLASSMF735Cx Download latest firmware here
    imageCLASSMF746Cx Download latest firmware here
    WG7740 Download latest firmware here
    WG7750F, WG7750FM Download latest firmware here


    We will continue to update customers on any vulnerability detected in other products.

    Contact Information for Inquiries:
    Please contact your nearest service centre if you have any queries.

     

    First Posted on 15 Feb 2022