CVE-2024-0244
Description
A buffer overflow in the CPCA PCFAX number process of Canon Office Multifunction Printers and Laser Printers allows attackers on the local network segment to cause denial of service or execute arbitrary code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer overflow in the CPCA PCFAX number process of Canon Office Multifunction Printers and Laser Printers allows attackers on the local network segment to cause denial of service or execute arbitrary code.
Vulnerability
A buffer overflow vulnerability exists in the CPCA PCFAX number processing of Canon Office Multifunction Printers and Laser Printers. This affects Satera MF750C Series firmware v03.07 and earlier (Japan), Color imageCLASS MF750C Series/Color imageCLASS X MF1333C firmware v03.07 and earlier (US), and i-SENSYS MF754Cdw/C1333iF firmware v03.07 and earlier (Europe) [1]. The flaw is triggered by specially crafted data sent to the device's fax number handling routine.
Exploitation
An attacker on the same network segment (i.e., without going through a wired or Wi-Fi router) can trigger this vulnerability by sending a maliciously crafted PCFAX number to the affected printer. No authentication is required, but the attacker must be able to communicate with the printer on the local network [1]. The vulnerability is exploitable over the network without user interaction.
Impact
Successful exploitation could render the device unresponsive (denial of service) or allow the attacker to execute arbitrary code on the device [1]. This gives the attacker control over the printer's functionality and may lead to further network compromise.
Mitigation
Canon has released firmware updates to address this vulnerability. Users should upgrade to the latest firmware version for their device. As of the advisory date, no workarounds are mentioned [1]. The vulnerability is not currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
6- Range: <=v03.07
- Canon Inc./C1333iFv5Range: 03.07 and earlier
- Canon Inc./Color imageCLASS MF750C Seriesv5Range: 03.07 and earlier
- Canon Inc./Color imageCLASS X MF1333Cv5Range: 03.07 and earlier
- Canon Inc./i-SENSYS MF754Cdwv5Range: 03.07 and earlier
- Canon Inc./Satera MF750C Seriesv5Range: 03.07 and earlier
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
4- canon.jp/support/support-info/240205vulnerability-responsemitrevendor-advisory
- psirt.canon/advisory-information/cp2024-001/mitrevendor-advisory
- www.canon-europe.com/support/product-security-latest-news/mitrevendor-advisory
- www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printersmitrevendor-advisory
News mentions
0No linked articles in our index yet.