CVE-2022-43608 in imageCLASS MF644Cdw
Summary
by MITRE • 03/29/2023
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.03 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-16032.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 06/08/2026
This vulnerability represents a critical remote code execution flaw in Canon imageCLASS MF644Cdw printers running firmware version 10.03, where the security model fails to properly validate user-supplied data within the BJNP service. The vulnerability stems from an integer overflow condition that occurs before buffer allocation, creating a scenario where malicious input can cause the system to allocate insufficient memory for processing user data. This fundamental flaw in input validation allows attackers to manipulate the buffer allocation process, potentially leading to memory corruption that can be exploited to execute arbitrary code. The absence of authentication requirements for exploitation makes this vulnerability particularly dangerous as it can be leveraged by attackers who are merely network-adjacent to the affected device, without requiring any prior credentials or privileged access. The integer overflow condition specifically affects the BJNP service which handles network printing protocols, making it a core component of the printer's network functionality that directly impacts its operational security posture. This vulnerability directly maps to CWE-190, Integer Overflow or Wraparound, which is classified as a critical weakness in software systems where integer arithmetic operations exceed the maximum representable value for the data type. The exploitation of this vulnerability can result in code execution with root privileges, effectively granting full control over the printer's operating system and potentially providing a foothold for further network infiltration. The attack surface is significantly expanded due to the printer's typical network connectivity, making it accessible to attackers within the local network segment who can leverage this vulnerability without requiring physical access or authentication credentials.
The operational impact of this vulnerability extends beyond immediate code execution capabilities to encompass potential data breaches, network disruption, and lateral movement opportunities within corporate environments. Printers often serve as entry points for attackers seeking to establish persistent access within networks, and this vulnerability removes the traditional barriers that would normally prevent such exploitation. The root privilege execution context means that attackers can potentially access sensitive printer configurations, modify firmware, or establish persistent backdoors that could remain undetected for extended periods. Additionally, the vulnerability's presence in the BJNP service indicates that it affects the printer's core network communication capabilities, potentially allowing attackers to manipulate print jobs, intercept sensitive documents, or disrupt printing operations. This type of vulnerability aligns with ATT&CK technique T1059.001 for Command and Scripting Interpreter and T1068 for Exploitation for Privilege Escalation, demonstrating how network-connected devices can serve as vectors for broader attack campaigns. The integer overflow condition creates a predictable failure pattern that can be systematically exploited, making it a particularly attractive target for automated exploitation tools that can scan networks for vulnerable devices and deploy payloads without requiring human intervention.
Mitigation strategies for this vulnerability must address both immediate remediation and long-term security posture improvements within network environments. The most effective immediate solution involves applying firmware updates from Canon that address the integer overflow condition in the BJNP service and implement proper input validation mechanisms. Organizations should also consider network segmentation strategies that isolate network-connected printers from critical business systems, implementing firewall rules that restrict access to printer services to authorized personnel only. The vulnerability's nature suggests that implementing network monitoring and anomaly detection for unusual printer network traffic patterns could help identify exploitation attempts before they succeed. Security teams should also review their printer management policies to ensure that network services are only enabled when necessary and that default configurations are hardened to minimize attack surface. Additional mitigations include implementing network access control lists that restrict which systems can communicate with printer services, disabling unnecessary network protocols, and establishing regular vulnerability scanning routines that specifically target network-connected devices. The vulnerability's classification as a remote code execution flaw without authentication requirements underscores the importance of maintaining up-to-date security patches across all networked devices, particularly those that are less frequently updated or monitored as part of traditional security operations. Organizations should also consider implementing device integrity monitoring solutions that can detect unauthorized firmware modifications or configuration changes that might indicate successful exploitation attempts.