Known Vulnerabilities for products from Canon
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Canon".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Canon can be found at device.report : Canon
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24674 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-03-28 | 2023-04-03 |
| CVE-2022-24673 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-03-28 | 2023-04-03 |
| CVE-2022-24672 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-03-28 | 2023-04-03 |
| CVE-2021-43471 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2021-12-06 | 2021-12-07 |
| CVE-2021-39368 | Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang parameter. | 6.1 - MEDIUM | 2021-08-23 | 2021-08-26 |
| CVE-2021-39367 | Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection. | 5.3 - MEDIUM | 2021-08-23 | 2021-09-01 |
| CVE-2021-38154 | Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250), when Catwalk Server is en... | 7.5 - HIGH | 2021-08-29 | 2021-09-13 |
| CVE-2021-38085 | The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process,... | 7.8 - HIGH | 2021-08-11 | 2022-05-03 |
| CVE-2021-20877 | Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890d... | 4.8 - MEDIUM | 2022-02-08 | 2022-02-14 |
| CVE-2020-26508 | The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via th... | 9.8 - CRITICAL | 2020-11-16 | 2020-12-01 |
| CVE-2020-16849 | An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the ... | 7.5 - HIGH | 2020-11-30 | 2020-12-04 |
| CVE-2020-12695 | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription reques... | 7.5 - HIGH | 2020-06-08 | 2023-11-07 |
| CVE-2020-10671 | The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. This is a system-wide ... | 8.8 - HIGH | 2020-03-19 | 2020-03-23 |
| CVE-2020-10670 | The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter se... | 6.1 - MEDIUM | 2020-03-19 | 2020-03-23 |
| CVE-2020-10669 | The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page... | 7.5 - HIGH | 2020-03-19 | 2020-03-24 |
| CVE-2020-10668 | The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. The v... | 6.1 - MEDIUM | 2020-03-19 | 2020-03-23 |
| CVE-2020-10667 | The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/in... | 6.1 - MEDIUM | 2020-03-19 | 2020-03-23 |
| CVE-2019-14339 | The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict... | 5.5 - MEDIUM | 2019-09-05 | 2021-07-21 |
| CVE-2019-6001 | Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier... | 6.8 - MEDIUM | 2019-08-06 | 2019-08-16 |
| CVE-2019-6000 | Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier... | 8.8 - HIGH | 2019-08-06 | 2020-08-24 |
Known software with vulnerabilities from Canon
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Canon | Canoscan 8440f | - |
| Application | Canon | Canoscan Toolbox | 1.0 |
| Application | Canon | Captureperfect | 3.0 |
| Application | Canon | Dr-2020u Captureontouch | 1.1.109.1119 |
| Application | Canon | Dv Network Software | 2.0.0 |
| Application | Canon | Efi Printme | - |
| Hardware | Canon | Eos D60 | - |
| Application | Canon | Imageprograf Firmware Update Tool | 3.40 |
| Application | Canon | Imagerunner | - |
| Application | Canon | Imagerunner 2620 | - |
| Application | Canon | Imagerunner 5000i | - |
| Application | Canon | Imagerunner 5020 | - |
| Application | Canon | Imagerunner 6870 | - |
| Application | Canon | Imagerunner 8500 | - |
| Application | Canon | Imagerunner 9070 | - |
| Application | Canon | Imagerunner C3200 | - |
| Application | Canon | Imagerunner C3220 | - |
| Application | Canon | Imagerunner C6800 | - |
| Hardware | Canon | Ir2202n | - |
| Operating System | Canon | Ir2202n Firmware | - |