Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for Color imageCLASS MF650C Series by Canon Inc.

    CVE-2025-14237 (GCVE-0-2025-14237)

    Vulnerability from nvd – Published: 2026-01-15 23:40 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14237",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:22.276871Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:03.679Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:40:35.434Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14237",
        "datePublished": "2026-01-15T23:40:35.434Z",
        "dateReserved": "2025-12-07T23:53:44.786Z",
        "dateUpdated": "2026-02-26T15:04:03.679Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14236 (GCVE-0-2025-14236)

    Vulnerability from nvd – Published: 2026-01-15 23:39 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14236",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:21.233971Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:03.981Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:39:50.760Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14236",
        "datePublished": "2026-01-15T23:39:50.760Z",
        "dateReserved": "2025-12-07T23:53:42.485Z",
        "dateUpdated": "2026-02-26T15:04:03.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14235 (GCVE-0-2025-14235)

    Vulnerability from nvd – Published: 2026-01-15 23:38 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14235",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:20.123768Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:04.493Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:38:53.584Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14235",
        "datePublished": "2026-01-15T23:38:53.584Z",
        "dateReserved": "2025-12-07T23:53:39.814Z",
        "dateUpdated": "2026-02-26T15:04:04.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14234 (GCVE-0-2025-14234)

    Vulnerability from nvd – Published: 2026-01-15 23:38 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:18.971276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.147Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:38:13.313Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14234",
        "datePublished": "2026-01-15T23:38:13.313Z",
        "dateReserved": "2025-12-07T23:53:37.575Z",
        "dateUpdated": "2026-02-26T15:04:05.147Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14233 (GCVE-0-2025-14233)

    Vulnerability from nvd – Published: 2026-01-15 23:37 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-763 - Release of Invalid Pointer or Reference
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14233",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:17.853082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eInvalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-763",
                  "description": "CWE-763: Release of Invalid Pointer or Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:37:29.921Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14233",
        "datePublished": "2026-01-15T23:37:29.921Z",
        "dateReserved": "2025-12-07T23:53:35.177Z",
        "dateUpdated": "2026-02-26T15:04:05.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14232 (GCVE-0-2025-14232)

    Vulnerability from nvd – Published: 2026-01-15 23:36 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:16.757641Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.866Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:36:27.072Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14232",
        "datePublished": "2026-01-15T23:36:27.072Z",
        "dateReserved": "2025-12-07T23:53:33.202Z",
        "dateUpdated": "2026-02-26T15:04:05.866Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14231 (GCVE-0-2025-14231)

    Vulnerability from nvd – Published: 2026-01-15 23:35 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14231",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:14.523463Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:06.152Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:35:27.096Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14231",
        "datePublished": "2026-01-15T23:35:27.096Z",
        "dateReserved": "2025-12-07T23:53:30.531Z",
        "dateUpdated": "2026-02-26T15:04:06.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14237 (GCVE-0-2025-14237)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:40 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14237",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:22.276871Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:03.679Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:40:35.434Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14237",
        "datePublished": "2026-01-15T23:40:35.434Z",
        "dateReserved": "2025-12-07T23:53:44.786Z",
        "dateUpdated": "2026-02-26T15:04:03.679Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14236 (GCVE-0-2025-14236)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:39 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14236",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:21.233971Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:03.981Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:39:50.760Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14236",
        "datePublished": "2026-01-15T23:39:50.760Z",
        "dateReserved": "2025-12-07T23:53:42.485Z",
        "dateUpdated": "2026-02-26T15:04:03.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14235 (GCVE-0-2025-14235)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:38 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14235",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:20.123768Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:04.493Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:38:53.584Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14235",
        "datePublished": "2026-01-15T23:38:53.584Z",
        "dateReserved": "2025-12-07T23:53:39.814Z",
        "dateUpdated": "2026-02-26T15:04:04.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14234 (GCVE-0-2025-14234)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:38 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:18.971276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.147Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:38:13.313Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14234",
        "datePublished": "2026-01-15T23:38:13.313Z",
        "dateReserved": "2025-12-07T23:53:37.575Z",
        "dateUpdated": "2026-02-26T15:04:05.147Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14233 (GCVE-0-2025-14233)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:37 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-763 - Release of Invalid Pointer or Reference
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14233",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:17.853082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eInvalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-763",
                  "description": "CWE-763: Release of Invalid Pointer or Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:37:29.921Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14233",
        "datePublished": "2026-01-15T23:37:29.921Z",
        "dateReserved": "2025-12-07T23:53:35.177Z",
        "dateUpdated": "2026-02-26T15:04:05.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14232 (GCVE-0-2025-14232)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:36 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:16.757641Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.866Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:36:27.072Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14232",
        "datePublished": "2026-01-15T23:36:27.072Z",
        "dateReserved": "2025-12-07T23:53:33.202Z",
        "dateUpdated": "2026-02-26T15:04:05.866Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14231 (GCVE-0-2025-14231)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:35 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14231",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:14.523463Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:06.152Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:35:27.096Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14231",
        "datePublished": "2026-01-15T23:35:27.096Z",
        "dateReserved": "2025-12-07T23:53:30.531Z",
        "dateUpdated": "2026-02-26T15:04:06.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }