CVE-2022-24674
Summary
| CVE | CVE-2022-24674 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-03-28 19:15:00 UTC |
| Updated | 2023-04-03 18:54:00 UTC |
| Description | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the privet API. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15834. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Canon | 1435if | - | All | All | All |
| Hardware | Canon | 1435if | - | All | All | All |
| Operating System | Canon | 1435if Firmware | - | All | All | All |
| Operating System | Canon | 1435if Firmware | - | All | All | All |
| Hardware | Canon | 1435i | - | All | All | All |
| Operating System | Canon | 1435i Firmware | - | All | All | All |
| Hardware | Canon | 1435p | - | All | All | All |
| Hardware | Canon | 1435p | - | All | All | All |
| Operating System | Canon | 1435p Firmware | - | All | All | All |
| Operating System | Canon | 1435p Firmware | - | All | All | All |
| Hardware | Canon | D1520 | - | All | All | All |
| Operating System | Canon | D1520 Firmware | - | All | All | All |
| Hardware | Canon | D1550 | - | All | All | All |
| Operating System | Canon | D1550 Firmware | - | All | All | All |
| Hardware | Canon | D1620 | - | All | All | All |
| Operating System | Canon | D1620 Firmware | - | All | All | All |
| Hardware | Canon | D1650 | - | All | All | All |
| Operating System | Canon | D1650 Firmware | - | All | All | All |
| Hardware | Canon | Ir1435i | - | All | All | All |
| Operating System | Canon | Ir1435i Firmware | - | All | All | All |
| Hardware | Canon | Ir1643i | - | All | All | All |
| Hardware | Canon | Ir1643if | - | All | All | All |
| Operating System | Canon | Ir1643if Firmware | - | All | All | All |
| Operating System | Canon | Ir1643i Firmware | - | All | All | All |
| Hardware | Canon | Lbp1127c | - | All | All | All |
| Operating System | Canon | Lbp1127c Firmware | - | All | All | All |
| Hardware | Canon | Lbp1238 | - | All | All | All |
| Operating System | Canon | Lbp1238 Firmware | - | All | All | All |
| Hardware | Canon | Lbp1238 Ii | - | All | All | All |
| Operating System | Canon | Lbp1238 Ii Firmware | - | All | All | All |
| Hardware | Canon | Lbp214dw | - | All | All | All |
| Operating System | Canon | Lbp214dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp215dw | - | All | All | All |
| Operating System | Canon | Lbp215dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp226dw | - | All | All | All |
| Operating System | Canon | Lbp226dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp227dw | - | All | All | All |
| Operating System | Canon | Lbp227dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp228dw | - | All | All | All |
| Operating System | Canon | Lbp228dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp236dw | - | All | All | All |
| Operating System | Canon | Lbp236dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp237dw | - | All | All | All |
| Operating System | Canon | Lbp237dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp251dw | - | All | All | All |
| Operating System | Canon | Lbp251dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp253dw | - | All | All | All |
| Operating System | Canon | Lbp253dw Firmware | - | All | All | All |
| Hardware | Canon | Lbp612cdw | - | All | All | All |
| Operating System | Canon | Lbp612cdw Firmware | - | All | All | All |
| Hardware | Canon | Lbp622cdw | - | All | All | All |
| Operating System | Canon | Lbp622cdw Firmware | - | All | All | All |
| Hardware | Canon | Lbp623cdw | - | All | All | All |
| Operating System | Canon | Lbp623cdw Firmware | - | All | All | All |
| Hardware | Canon | Lbp654cdw | - | All | All | All |
| Operating System | Canon | Lbp654cdw Firmware | - | All | All | All |
| Hardware | Canon | Lbp664cdw | - | All | All | All |
| Operating System | Canon | Lbp664cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf1127c | - | All | All | All |
| Operating System | Canon | Mf1127c Firmware | - | All | All | All |
| Hardware | Canon | Mf1238 | - | All | All | All |
| Operating System | Canon | Mf1238 Firmware | - | All | All | All |
| Hardware | Canon | Mf1238 Ii | - | All | All | All |
| Operating System | Canon | Mf1238 Ii Firmware | - | All | All | All |
| Hardware | Canon | Mf1643if Ii | - | All | All | All |
| Operating System | Canon | Mf1643if Ii Firmware | - | All | All | All |
| Hardware | Canon | Mf1643i Ii | - | All | All | All |
| Operating System | Canon | Mf1643i Ii Firmware | - | All | All | All |
| Hardware | Canon | Mf414dw | - | All | All | All |
| Operating System | Canon | Mf414dw Firmware | - | All | All | All |
| Hardware | Canon | Mf416dw | - | All | All | All |
| Operating System | Canon | Mf416dw Firmware | - | All | All | All |
| Hardware | Canon | Mf419dw | - | All | All | All |
| Operating System | Canon | Mf419dw Firmware | - | All | All | All |
| Hardware | Canon | Mf424dw | - | All | All | All |
| Operating System | Canon | Mf424dw Firmware | - | All | All | All |
| Hardware | Canon | Mf426dw | - | All | All | All |
| Operating System | Canon | Mf426dw Firmware | - | All | All | All |
| Hardware | Canon | Mf429dw | - | All | All | All |
| Operating System | Canon | Mf429dw Firmware | - | All | All | All |
| Hardware | Canon | Mf445dw | - | All | All | All |
| Operating System | Canon | Mf445dw Firmware | - | All | All | All |
| Hardware | Canon | Mf448dw | - | All | All | All |
| Operating System | Canon | Mf448dw Firmware | - | All | All | All |
| Hardware | Canon | Mf449dw | - | All | All | All |
| Operating System | Canon | Mf449dw Firmware | - | All | All | All |
| Hardware | Canon | Mf451dw | - | All | All | All |
| Operating System | Canon | Mf451dw Firmware | - | All | All | All |
| Hardware | Canon | Mf452dw | - | All | All | All |
| Operating System | Canon | Mf452dw Firmware | - | All | All | All |
| Hardware | Canon | Mf453dw | - | All | All | All |
| Operating System | Canon | Mf453dw Firmware | - | All | All | All |
| Hardware | Canon | Mf455dw | - | All | All | All |
| Operating System | Canon | Mf455dw Firmware | - | All | All | All |
| Hardware | Canon | Mf515dw | - | All | All | All |
| Operating System | Canon | Mf515dw Firmware | - | All | All | All |
| Hardware | Canon | Mf525dw | - | All | All | All |
| Operating System | Canon | Mf525dw Firmware | - | All | All | All |
| Hardware | Canon | Mf543dw | - | All | All | All |
| Operating System | Canon | Mf543dw Firmware | - | All | All | All |
| Hardware | Canon | Mf6160dw | - | All | All | All |
| Operating System | Canon | Mf6160dw Firmware | - | All | All | All |
| Hardware | Canon | Mf6180dw | - | All | All | All |
| Operating System | Canon | Mf6180dw Firmware | - | All | All | All |
| Hardware | Canon | Mf624cdw | - | All | All | All |
| Operating System | Canon | Mf624cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf628cdw | - | All | All | All |
| Operating System | Canon | Mf628cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf632cdw | - | All | All | All |
| Operating System | Canon | Mf632cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf634cdw | - | All | All | All |
| Operating System | Canon | Mf634cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf641cw | - | All | All | All |
| Operating System | Canon | Mf641cw Firmware | - | All | All | All |
| Hardware | Canon | Mf642cdw | - | All | All | All |
| Operating System | Canon | Mf642cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf644cdw | - | All | All | All |
| Operating System | Canon | Mf644cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf726cdw | - | All | All | All |
| Operating System | Canon | Mf726cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf729cdw | - | All | All | All |
| Operating System | Canon | Mf729cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf731cdw | - | All | All | All |
| Operating System | Canon | Mf731cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf733cdw | - | All | All | All |
| Operating System | Canon | Mf733cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf735cdw | - | All | All | All |
| Operating System | Canon | Mf735cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf741cdw | - | All | All | All |
| Operating System | Canon | Mf741cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf743cdw | - | All | All | All |
| Operating System | Canon | Mf743cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf745cdw | - | All | All | All |
| Operating System | Canon | Mf745cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf746cdw | - | All | All | All |
| Operating System | Canon | Mf746cdw Firmware | - | All | All | All |
| Hardware | Canon | Mf810cdn | - | All | All | All |
| Operating System | Canon | Mf810cdn Firmware | - | All | All | All |
| Hardware | Canon | Mf820cdn | - | All | All | All |
| Operating System | Canon | Mf820cdn Firmware | - | All | All | All |
| Hardware | Canon | Mf8280cw | - | All | All | All |
| Operating System | Canon | Mf8280cw Firmware | - | All | All | All |
| Hardware | Canon | Mf8580cdw | - | All | All | All |
| Operating System | Canon | Mf8580cdw Firmware | - | All | All | All |
| Hardware | Canon | Wg7240 | - | All | All | All |
| Operating System | Canon | Wg7240 Firmware | - | All | All | All |
| Hardware | Canon | Wg7250 | - | All | All | All |
| Hardware | Canon | Wg7250f | - | All | All | All |
| Operating System | Canon | Wg7250f Firmware | - | All | All | All |
| Hardware | Canon | Wg7250z | - | All | All | All |
| Operating System | Canon | Wg7250z Firmware | - | All | All | All |
| Operating System | Canon | Wg7250 Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 404 Error | Canon U.S.A., Inc. | MISC | www.usa.canon.com | |
| ZDI-22-516 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.