CVE-2024-0244

CRITICAL
Published Feb 6, 2024 Modified Nov 21, 2024 CWE-787

Description

Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS MF750C Series/Color imageCLASS X MF1333C firmware v03.07 and earlier sold in US. i-SENSYS MF754Cdw/C1333iF firmware v03.07 and earlier sold in Europe.

Is your site exposed to CVE-2024-0244?

Run a free security scan — no signup, results in seconds.

CVSS v3.1 Score

9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

CWE-787 Out-of-bounds Write

Affected Products

Vendor Product
canon i-sensys_mf754cdw_firmware
canon i-sensys_mf754cdw
canon i-sensys_x_c1333if_firmware
canon i-sensys_x_c1333if
canon mf755cdw_firmware
canon mf755cdw
canon mf753cdw_firmware
canon mf753cdw
canon mf751cdw_firmware
canon mf751cdw
canon mf1333c_firmware
canon mf1333c
canon lbp1333c_firmware
canon lbp1333c

References

Frequently Asked Questions

What is CVE-2024-0244? +
Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS MF750C Series/Color imageCLASS X MF1333C firmware v03.07 and earlier sold in US. i-SENSYS MF754Cdw/C1333iF firmware v03.07 and earlier sold in Europe. It has a CVSS v3.1 base score of 9.8 (CRITICAL).
How severe is CVE-2024-0244? +
CVE-2024-0244 has a CVSS v3.1 score of 9.8 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.
What products are affected by CVE-2024-0244? +
CVE-2024-0244 affects products from canon, specifically: i-sensys_mf754cdw, i-sensys_mf754cdw_firmware, i-sensys_x_c1333if, i-sensys_x_c1333if_firmware, lbp1333c, lbp1333c_firmware, mf1333c, mf1333c_firmware, mf751cdw, mf751cdw_firmware, mf753cdw, mf753cdw_firmware, mf755cdw, mf755cdw_firmware. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-0244? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-0244 — free, no signup required.