Vulnerabilities Mitigation / Remediation for Office / Small Office Multifunction Printers, Laser Printers and Inkjet Printers - Canon Vietnam

Contact Us

06 Sep 2023 (Updated)

Vulnerabilities Mitigation / Remediation for Office / Small Office Multifunction Printers, Laser Printers and Inkjet Printers

Thank you for using Canon Products.

Multiple vulnerabilities were found for certain Office / Small Office Multifunction Printers, Laser Printers and Inkjet Printers.

These vulnerabilities indicate the possibility that if a product is connected directly to the Internet without using a router (wired or Wi-Fi), an unauthenticated remote attacker via the Internet may be able to execute arbitrary code and/or may be able to target the product in a Denial-of Service (DoS) attack. An attacker may also be able to install arbitrary files due to improper authentication of RemoteUI.

Buffer Overflow
CVE-2023-0851
CVE-2023-0852
CVE-2023-0853
CVE-2023-0854
CVE-2023-0855
CVE-2023-0856
CVE-2022-43974
CVE-2022-43608

Problems During Initial Registration of System Administrators in Control Protocols
CVE-2023-0857

Improper authentication of RemoteUI
CVE-2023-0858

Installation of arbitrary files
CVE-2023-0859

There have been no reports of damage relating to this vulnerability. However, to enhance the security of the product, we advise customers to install the latest firmware available for the Affected Models provided below.

We also recommend customers to set a private IP address for the products and create a network environment with a firewall or Wired/Wi-Fi router that can restrict network access.

For more details on securing products when connected to a network, please visit here.

We continue to review and strengthen security measures for our products to ensure that customers can continue using Canon products with peace of mind.

Affected Products:
Small Office MFP/LBP, please click here.
Inkjet Printer, please click here.
Business Multifunction Devices, please click here.

We will continue to update customers on any vulnerability detected in other products.

Contact Information for Inquiries:
Please contact your nearest service centre if you have any queries.

First Posted on 17 Apr 2023

Affected Products

Small Office MFP/LBP Laser Printers

imageCLASS LBP

Please click here for latest firmware available for the Affected Models.

Product Model	CVE-2022-43608	CVE-2022-43974	CVE-2023-0851	CVE-2023-0852	CVE-2023-0853	CVE-2023-0854	CVE-2023-0855	CVE-2023-0856	CVE-2023-0857	CVE-2023-0858	CVE-2023-0859
LBP121dn	-	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
LBP122dw	-	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
LBP214dw	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	Yes
LBP215x	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	Yes
LBP223dw	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
LBP226dw	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
LBP228x	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
LBP611Cn	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	-
LBP613Cdw	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	-
LBP621Cw	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
LBP623Cdw	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
LBP654Cx	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	-
LBP664Cx	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
LBP673Cdw	-	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes
LBP674Cx	-	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes

*This has been addressed on 12 December 2022

imageCLASS MF

Please click here for latest firmware available for the Affected Models.

Product Model	CVE-2022-43608	CVE-2022-43974	CVE-2023-0851	CVE-2023-0852	CVE-2023-0853	CVE-2023-0854	CVE-2023-0855	CVE-2023-0856	CVE-2023-0857	CVE-2023-0858	CVE-2023-0859
MF264dw II	Yes	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
MF266dn II	Yes	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
MF269dw II	Yes	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
MF271dn	-	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
MF272dw	-	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
MF274dn	-	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
MF275dw	-	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	-
MF426dw	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	Yes
MF429x	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	Yes
MF441dw	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF445dw	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF449x	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF525x	Yes	-	Yes		Yes	Yes	-	Yes	Yes	-	Yes
MF543x	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF631Cn	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	-
MF632Cdw	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	-
MF633Cdw	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	-
MF635Cx	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	-
MF641Cw	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF642Cdw	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF643Cdw	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF644Cdw	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF645Cx	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF735Cx	Yes	-	Yes	-	Yes	Yes	-	Yes	Yes	-	-
MF746Cx	Yes*	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF752Cdw	Yes	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes
MF756Cx	Yes	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes

*This has been addressed on 12 December 2022

imageRUNNER

Please click here for latest firmware available for the Affected Models.

Product Model	CVE-2022-43608	CVE-2022-43974	CVE-2023-0851	CVE-2023-0852	CVE-2023-0853	CVE-2023-0854	CVE-2023-0855	CVE-2023-0856	CVE-2023-0857	CVE-2023-0858	CVE-2023-0859
imageRUNNER 1643i/ 1643iF	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
imageRUNNER 1643i II/ 1643iF II	Yes	Yes	Yes	-	Yes	Yes	Yes	Yes	Yes	Yes	Yes

Inkjet Printers

PIXMA

Please click here for latest firmware available for the Affected Models.

Product Model	CVE-2022-43974
G3730	Yes
G3770	Yes
G4770	Yes

MAXIFY

Please click here for latest firmware available for the Affected Models.

Product Model	CVE-2022-43974
GX3070	Yes
GX4070	Yes

imagePROGRAF

Please click here for latest firmware available for the Affected Models.

Product Model	CVE-2022-43974
TC-20	Yes
TC-20M	Yes

Business Multifunction Devices

imageCLASS LBP/MF

Please contact your nearest service centre for update/enquiry.

Product Model	CVE-2022-43608	CVE-2022-43974	CVE-2023-0851	CVE-2023-0852	CVE-2023-0853	CVE-2023-0854	CVE-2023-0855	CVE-2023-0856	CVE-2023-0857	CVE-2023-0858	CVE-2023-0859
LBP361dw	-	Yes	-	-	Yes	-	Yes	Yes	-	-	-
LBP456dw / LBP458x	-	Yes	-	-	Yes	-	Yes	Yes	-	-	-
LBP722Cx	-	Yes	-	-	Yes	-	Yes	Yes	-	-	-

imagePRESS

Please contact your nearest service centre for update/enquiry.

Product Model	CVE-2022-43608	CVE-2022-43974	CVE-2023-0851	CVE-2023-0852	CVE-2023-0853	CVE-2023-0854	CVE-2023-0855	CVE-2023-0856	CVE-2023-0857	CVE-2023-0858	CVE-2023-0859
imagePRESS C165 / C170	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
imagesPRESS C270 / C265	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
imagePRESS V900 / V800 / V700	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
imagePRESS V1000	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
imagePRESS V1350	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-

imageRUNNER / imageRUNNER ADVANCE

Please contact your nearest service centre for update/enquiry.

Product Model	CVE-2022-43608	CVE-2022-43974	CVE-2023-0851	CVE-2023-0852	CVE-2023-0853	CVE-2023-0854	CVE-2023-0855	CVE-2023-0856	CVE-2023-0857	CVE-2023-0858	CVE-2023-0859
iR 2425 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR 2600 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR 2700 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR C3222 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR C3226 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV 715 / 615 / 525 3rd Edition Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV 4500 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV 4500 3rd Edition Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV 6500 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV 6500 3rd Edition Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV 8500 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV 8500 3rd Edition Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C355 / C255 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C356 / C256 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C356 / C256 3rd Edition Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C3500 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C3500 3rd Edition Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C5500 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C5500 3rd Edition Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C7500 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV C7500 3rd Edition Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 717 / 617 / 527 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 719 / 619 / 529 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 4700 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 4800 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 4900 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 6700 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 6800 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 8700 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX 8900 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX C357 / C257 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX C359 / C259 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX C3700 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX C3800 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX C3900 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX C5700 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX C5800 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-
iR-ADV DX C7700 Series	-	Yes	-	-	Yes	Yes	Yes	Yes	-	-	-

Related Product Supports

Copyright © 2024 Canon Marketing Vietnam Company Ltd. All Rights Reserved.
Registration No. 0311869297 by HCMC DPI first time on 25/06/2012
Level 7, Friendship Tower, 31 Le Duan Street, Ben Nghe Ward, HCMC, Vietnam. Tel: (84-8) 38200 466

Copyright © 2024 Canon Marketing Vietnam Company Ltd. All Rights Reserved.
Registration No. 0311869297 by HCMC DPI first time on 25/06/2012
Level 7, Friendship Tower, 31 Le Duan Street, Ben Nghe Ward, HCMC, Vietnam. Tel: (84-8) 38200 466