Vulnerability Description
An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canon | Mf237W Firmware | 06.07 |
| Canon | Mf237W | - |
| Canon | Mf113W Firmware | - |
| Canon | Mf113W | - |
| Canon | Mf212W Firmware | - |
| Canon | Mf212W | - |
| Canon | Mf216N Firmware | - |
| Canon | Mf216N | - |
| Canon | Mf217W Firmware | - |
| Canon | Mf217W | - |
| Canon | Mf226Dn Firmware | - |
| Canon | Mf226Dn | - |
| Canon | Mf229Dw Firmware | - |
| Canon | Mf229Dw | - |
| Canon | Mf231 Firmware | - |
| Canon | Mf231 | - |
| Canon | Mf232W Firmware | - |
| Canon | Mf232W | - |
| Canon | Mf244Dw Firmware | - |
| Canon | Mf244Dw | - |
References
- https://blog.scadafence.com/vulnerability-report-cve-2020-16849Third Party Advisory
- https://www.canon-europe.com/support/product-security/Vendor Advisory
- https://blog.scadafence.com/vulnerability-report-cve-2020-16849Third Party Advisory
- https://www.canon-europe.com/support/product-security/Vendor Advisory
FAQ
What is CVE-2020-16849?
CVE-2020-16849 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated ne...
How severe is CVE-2020-16849?
CVE-2020-16849 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-16849?
Check the references section above for vendor advisories and patch information. Affected products include: Canon Mf237W Firmware, Canon Mf237W, Canon Mf113W Firmware, Canon Mf113W, Canon Mf212W Firmware.