CVE-2022-24674

HIGH

Canon imageCLASS MF644Cdw 10.02 - RCE

Title source: llm

Description

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the privet API. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15834.

References (2)

Core 2

Core References

Broken Link

https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/canon-laser-printer-and-small-office-multifunctional-printer-measure-against-buffer-overflow/

Third Party Advisory, VDB Entry

https://www.zerodayinitiative.com/advisories/ZDI-22-516/

Scores

CVSS v3 8.8

EPSS 0.0111

EPSS Percentile 61.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-121 CWE-787

Status published

Products (50)

canon/1435i\+_firmware

canon/1435if\+_firmware

canon/1435if_firmware

canon/1435p\+_firmware

canon/1435p_firmware

canon/d1520_firmware

canon/d1550_firmware

canon/d1620_firmware

canon/d1650_firmware

canon/ir1435i_firmware

... and 40 more

Published Mar 28, 2023

Tracked Since Feb 18, 2026