CVE-2023-0851
📋 TL;DR
A buffer overflow vulnerability in the CPCA Resource Download process of Canon multifunction printers allows network attackers to crash devices or execute arbitrary code. Affected devices include Satera, Color imageCLASS, and i-SENSYS models with firmware version 11.04 or earlier. This vulnerability affects devices sold in Japan, US, and Europe markets.
💻 Affected Systems
- Satera LBP660C Series
- Satera LBP620C Series
- Satera MF740C Series
- Satera MF640C Series
- Color imageCLASS LBP660C Series
- Color imageCLASS LBP620C Series
- Color imageCLASS X LBP1127C
- Color imageCLASS MF740C Series
- Color imageCLASS MF640C Series
- Color imageCLASS X MF1127C
- i-SENSYS LBP660C Series
- i-SENSYS LBP620C Series
- i-SENSYS MF740C Series
- i-SENSYS MF640C Series
- i-SENSYS C1127P
- i-SENSYS C1127iF
- i-SENSYS C1127i
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete device compromise, lateral movement to other network systems, and persistent backdoor installation.
Likely Case
Device becomes unresponsive or crashes, disrupting printing services and requiring manual reboot or firmware reinstallation.
If Mitigated
Limited to denial of service if network segmentation prevents exploitation attempts.
🎯 Exploit Status
Network-based exploitation without authentication. CVSS 9.8 indicates critical severity with low attack complexity.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Firmware version newer than 11.04
Vendor Advisory: https://psirt.canon/advisory-information/cp2023-001/
Restart Required: Yes
Instructions:
1. Visit Canon support website for your region. 2. Download latest firmware for your specific printer model. 3. Upload firmware via printer web interface or USB. 4. Reboot printer after installation completes.
🔧 Temporary Workarounds
Network Segmentation
allIsolate printers on separate VLAN to limit attack surface
Disable CPCA Service
allTurn off CPCA Resource Download functionality if not required
🧯 If You Can't Patch
- Segment printers to isolated network with strict firewall rules
- Implement network monitoring for unusual printer communication patterns
🔍 How to Verify
Check if Vulnerable:
Check firmware version via printer web interface: Settings > Device Information > Firmware VersionCheck Version:
Not applicable - check via printer web interface or physical displayVerify Fix Applied:
Confirm firmware version is newer than 11.04 and test CPCA functionality📡 Detection & Monitoring
Log Indicators:
- Printer crash/reboot logs
- CPCA service failure messages
- Unusual network traffic to printer port 8611/tcp
Network Indicators:
- Large or malformed packets to printer port 8611
- Unexpected outbound connections from printer
SIEM Query:
destination_port:8611 AND (packet_size > 1500 OR protocol_anomaly = true)🔗 References
- https://canon.jp/support/support-info/230414vulnerability-response
- https://psirt.canon/advisory-information/cp2023-001/
- https://www.canon-europe.com/support/product-security-latest-news/
- https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow
- https://canon.jp/support/support-info/230414vulnerability-response
- https://psirt.canon/advisory-information/cp2023-001/
- https://www.canon-europe.com/support/product-security-latest-news/
- https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Vulnerabilities-Remediation-Against-Buffer-Overflow
