Search

Find a vulnerability

Search criteria

    38 vulnerabilities found for mf452dw_firmware by canon

    CVE-2025-14237 (GCVE-0-2025-14237)

    Vulnerability from nvd – Published: 2026-01-15 23:40 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14237",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:22.276871Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:03.679Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:40:35.434Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14237",
        "datePublished": "2026-01-15T23:40:35.434Z",
        "dateReserved": "2025-12-07T23:53:44.786Z",
        "dateUpdated": "2026-02-26T15:04:03.679Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14236 (GCVE-0-2025-14236)

    Vulnerability from nvd – Published: 2026-01-15 23:39 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14236",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:21.233971Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:03.981Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:39:50.760Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14236",
        "datePublished": "2026-01-15T23:39:50.760Z",
        "dateReserved": "2025-12-07T23:53:42.485Z",
        "dateUpdated": "2026-02-26T15:04:03.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14235 (GCVE-0-2025-14235)

    Vulnerability from nvd – Published: 2026-01-15 23:38 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14235",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:20.123768Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:04.493Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:38:53.584Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14235",
        "datePublished": "2026-01-15T23:38:53.584Z",
        "dateReserved": "2025-12-07T23:53:39.814Z",
        "dateUpdated": "2026-02-26T15:04:04.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14234 (GCVE-0-2025-14234)

    Vulnerability from nvd – Published: 2026-01-15 23:38 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:18.971276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.147Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:38:13.313Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14234",
        "datePublished": "2026-01-15T23:38:13.313Z",
        "dateReserved": "2025-12-07T23:53:37.575Z",
        "dateUpdated": "2026-02-26T15:04:05.147Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14233 (GCVE-0-2025-14233)

    Vulnerability from nvd – Published: 2026-01-15 23:37 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-763 - Release of Invalid Pointer or Reference
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14233",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:17.853082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eInvalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-763",
                  "description": "CWE-763: Release of Invalid Pointer or Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:37:29.921Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14233",
        "datePublished": "2026-01-15T23:37:29.921Z",
        "dateReserved": "2025-12-07T23:53:35.177Z",
        "dateUpdated": "2026-02-26T15:04:05.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14232 (GCVE-0-2025-14232)

    Vulnerability from nvd – Published: 2026-01-15 23:36 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:16.757641Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.866Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:36:27.072Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14232",
        "datePublished": "2026-01-15T23:36:27.072Z",
        "dateReserved": "2025-12-07T23:53:33.202Z",
        "dateUpdated": "2026-02-26T15:04:05.866Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14231 (GCVE-0-2025-14231)

    Vulnerability from nvd – Published: 2026-01-15 23:35 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14231",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:14.523463Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:06.152Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:35:27.096Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14231",
        "datePublished": "2026-01-15T23:35:27.096Z",
        "dateReserved": "2025-12-07T23:53:30.531Z",
        "dateUpdated": "2026-02-26T15:04:06.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-12649 (GCVE-0-2024-12649)

    Vulnerability from nvd – Published: 2025-01-28 00:39 – Updated: 2025-01-28 15:17
    VLAI
    Summary
    Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12649",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T14:55:47.353411Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-28T15:17:20.913Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF653Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF652Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP632Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF657Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF655Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF651Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP631Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. \u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-28T00:39:54.686Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2025-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/250127vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/#news"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2024-12649",
        "datePublished": "2025-01-28T00:39:54.686Z",
        "dateReserved": "2024-12-16T02:42:01.467Z",
        "dateUpdated": "2025-01-28T15:17:20.913Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12648 (GCVE-0-2024-12648)

    Vulnerability from nvd – Published: 2025-01-28 00:39 – Updated: 2025-01-28 15:17
    VLAI
    Summary
    Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12648",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T14:55:50.324601Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-28T15:17:30.024Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF653Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF652Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP632Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF657Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF655Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF651Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP631Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. \u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-28T00:39:15.098Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2025-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/250127vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/#news"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2024-12648",
        "datePublished": "2025-01-28T00:39:15.098Z",
        "dateReserved": "2024-12-16T02:41:59.461Z",
        "dateUpdated": "2025-01-28T15:17:30.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12647 (GCVE-0-2024-12647)

    Vulnerability from nvd – Published: 2025-01-28 00:38 – Updated: 2025-01-28 15:17
    VLAI
    Summary
    Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12647",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T14:55:53.062158Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-28T15:17:41.020Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF653Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF652Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP632Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF657Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF655Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF651Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP631Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. \u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-28T00:38:17.973Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2025-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/250127vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/#news"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2024-12647",
        "datePublished": "2025-01-28T00:38:17.973Z",
        "dateReserved": "2024-12-16T02:41:57.265Z",
        "dateUpdated": "2025-01-28T15:17:41.020Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6234 (GCVE-0-2023-6234)

    Vulnerability from nvd – Published: 2024-02-06 00:23 – Updated: 2024-08-02 08:21
    VLAI
    Summary
    Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP674C Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS X LBP1333C Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF750C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS X MF1333C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP673Cdw Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. C1333P Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF750C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. C1333i Series Affected: 03.07 and earlier
    Create a notification for this product.
    canon lbp674c Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:lbp674c:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon lbp1333c Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:lbp1333c:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon i-sensys_x_c1333p Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:i-sensys_x_c1333p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon i-sensys_lbp673cdw Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:i-sensys_lbp673cdw:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon mf1333c Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:mf1333c:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon mf750c Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:mf750c:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:canon:lbp674c:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lbp674c",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:lbp1333c:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lbp1333c",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:i-sensys_x_c1333p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "i-sensys_x_c1333p",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:i-sensys_lbp673cdw:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "i-sensys_lbp673cdw",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:mf1333c:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mf1333c",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:mf750c:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mf750c",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-04T14:15:16.906621Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:16:57.552Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:17.875Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:23:28.727Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6234",
        "datePublished": "2024-02-06T00:23:28.727Z",
        "dateReserved": "2023-11-21T06:05:11.045Z",
        "dateUpdated": "2024-08-02T08:21:17.875Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6233 (GCVE-0-2023-6233)

    Vulnerability from nvd – Published: 2024-02-06 00:23 – Updated: 2025-06-17 21:29
    VLAI
    Summary
    Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:18.092Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6233",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T14:35:58.316771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:27.325Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:23:05.601Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6233",
        "datePublished": "2024-02-06T00:23:05.601Z",
        "dateReserved": "2023-11-21T06:05:08.309Z",
        "dateUpdated": "2025-06-17T21:29:27.325Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6232 (GCVE-0-2023-6232)

    Vulnerability from nvd – Published: 2024-02-06 00:22 – Updated: 2025-06-17 21:29
    VLAI
    Summary
    Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:17.927Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T14:35:58.316771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:27.066Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:22:31.201Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6232",
        "datePublished": "2024-02-06T00:22:31.201Z",
        "dateReserved": "2023-11-21T06:05:05.768Z",
        "dateUpdated": "2025-06-17T21:29:27.066Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6231 (GCVE-0-2023-6231)

    Vulnerability from nvd – Published: 2024-02-06 00:22 – Updated: 2025-06-17 21:29
    VLAI
    Summary
    Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:17.935Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6231",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T14:35:58.316771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:26.939Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:22:03.670Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6231",
        "datePublished": "2024-02-06T00:22:03.670Z",
        "dateReserved": "2023-11-21T06:05:03.518Z",
        "dateUpdated": "2025-06-17T21:29:26.939Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6230 (GCVE-0-2023-6230)

    Vulnerability from nvd – Published: 2024-02-06 00:21 – Updated: 2025-06-17 21:29
    VLAI
    Summary
    Buffer overflow in the Address Book password process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:18.064Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6230",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T14:35:58.316771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:26.771Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in the Address Book password process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in the Address Book password process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:21:33.337Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6230",
        "datePublished": "2024-02-06T00:21:33.337Z",
        "dateReserved": "2023-11-21T06:04:51.711Z",
        "dateUpdated": "2025-06-17T21:29:26.771Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6229 (GCVE-0-2023-6229)

    Vulnerability from nvd – Published: 2024-02-06 00:20 – Updated: 2025-06-17 21:29
    VLAI
    Summary
    Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:17.992Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6229",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T14:35:58.316771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:26.638Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:20:48.446Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6229",
        "datePublished": "2024-02-06T00:20:48.446Z",
        "dateReserved": "2023-11-21T06:04:37.815Z",
        "dateUpdated": "2025-06-17T21:29:26.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-14237 (GCVE-0-2025-14237)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:40 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14237",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:22.276871Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:03.679Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:40:35.434Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14237",
        "datePublished": "2026-01-15T23:40:35.434Z",
        "dateReserved": "2025-12-07T23:53:44.786Z",
        "dateUpdated": "2026-02-26T15:04:03.679Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14236 (GCVE-0-2025-14236)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:39 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14236",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:21.233971Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:03.981Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:39:50.760Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14236",
        "datePublished": "2026-01-15T23:39:50.760Z",
        "dateReserved": "2025-12-07T23:53:42.485Z",
        "dateUpdated": "2026-02-26T15:04:03.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14235 (GCVE-0-2025-14235)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:38 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14235",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:20.123768Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:04.493Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:38:53.584Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14235",
        "datePublished": "2026-01-15T23:38:53.584Z",
        "dateReserved": "2025-12-07T23:53:39.814Z",
        "dateUpdated": "2026-02-26T15:04:04.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14234 (GCVE-0-2025-14234)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:38 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:18.971276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.147Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:38:13.313Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14234",
        "datePublished": "2026-01-15T23:38:13.313Z",
        "dateReserved": "2025-12-07T23:53:37.575Z",
        "dateUpdated": "2026-02-26T15:04:05.147Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14233 (GCVE-0-2025-14233)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:37 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-763 - Release of Invalid Pointer or Reference
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14233",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:17.853082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eInvalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-763",
                  "description": "CWE-763: Release of Invalid Pointer or Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:37:29.921Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14233",
        "datePublished": "2026-01-15T23:37:29.921Z",
        "dateReserved": "2025-12-07T23:53:35.177Z",
        "dateUpdated": "2026-02-26T15:04:05.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14232 (GCVE-0-2025-14232)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:36 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:16.757641Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:05.866Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:36:27.072Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14232",
        "datePublished": "2026-01-15T23:36:27.072Z",
        "dateReserved": "2025-12-07T23:53:33.202Z",
        "dateUpdated": "2026-02-26T15:04:05.866Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14231 (GCVE-0-2025-14231)

    Vulnerability from cvelistv5 – Published: 2026-01-15 23:35 – Updated: 2026-02-26 15:04
    VLAI
    Summary
    Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP630C Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X LBP1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1238 II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageCLASS X MF1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP630C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF650C Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP230 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238P II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238Pr II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF450 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF550 Series Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. 1238iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643i II Affected: 06.02 and earlier
    Create a notification for this product.
    Canon Inc. imageRUNNER 1643iF II Affected: 06.02 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14231",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-17T04:55:14.523463Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:06.152Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP630C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X LBP1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1238 II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageCLASS X MF1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP630C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF650C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP230 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238P II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238Pr II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF450 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF550 Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "1238iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643i II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            },
            {
              "product": "imageRUNNER 1643iF II",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "06.02 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T23:35:27.096Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260115vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2025-14231",
        "datePublished": "2026-01-15T23:35:27.096Z",
        "dateReserved": "2025-12-07T23:53:30.531Z",
        "dateUpdated": "2026-02-26T15:04:06.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-12649 (GCVE-0-2024-12649)

    Vulnerability from cvelistv5 – Published: 2025-01-28 00:39 – Updated: 2025-01-28 15:17
    VLAI
    Summary
    Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12649",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T14:55:47.353411Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-28T15:17:20.913Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF653Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF652Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP632Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF657Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF655Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF651Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP631Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. \u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-28T00:39:54.686Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2025-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/250127vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/#news"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2024-12649",
        "datePublished": "2025-01-28T00:39:54.686Z",
        "dateReserved": "2024-12-16T02:42:01.467Z",
        "dateUpdated": "2025-01-28T15:17:20.913Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12648 (GCVE-0-2024-12648)

    Vulnerability from cvelistv5 – Published: 2025-01-28 00:39 – Updated: 2025-01-28 15:17
    VLAI
    Summary
    Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12648",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T14:55:50.324601Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-28T15:17:30.024Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF653Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF652Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP632Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF657Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF655Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF651Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP631Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. \u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-28T00:39:15.098Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2025-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/250127vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/#news"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2024-12648",
        "datePublished": "2025-01-28T00:39:15.098Z",
        "dateReserved": "2024-12-16T02:41:59.461Z",
        "dateUpdated": "2025-01-28T15:17:30.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12647 (GCVE-0-2024-12647)

    Vulnerability from cvelistv5 – Published: 2025-01-28 00:38 – Updated: 2025-01-28 15:17
    VLAI
    Summary
    Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12647",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T14:55:53.062158Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-28T15:17:41.020Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Satera MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Satera MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF656Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF654Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF653Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS MF652Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "Color imageCLASS LBP632Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF657Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF655Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS MF651Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP633Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            },
            {
              "product": "i-SENSYS LBP631Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "05.04 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe. \u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-28T00:38:17.973Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2025-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/250127vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/#news"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2024-12647",
        "datePublished": "2025-01-28T00:38:17.973Z",
        "dateReserved": "2024-12-16T02:41:57.265Z",
        "dateUpdated": "2025-01-28T15:17:41.020Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6234 (GCVE-0-2023-6234)

    Vulnerability from cvelistv5 – Published: 2024-02-06 00:23 – Updated: 2024-08-02 08:21
    VLAI
    Summary
    Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Canon Inc. Satera LBP670C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Satera MF750C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS LBP674C Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS X LBP1333C Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS MF750C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. Color imageCLASS X MF1333C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS LBP673Cdw Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. C1333P Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. i-SENSYS MF750C Series Affected: 03.07 and earlier
    Create a notification for this product.
    Canon Inc. C1333i Series Affected: 03.07 and earlier
    Create a notification for this product.
    canon lbp674c Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:lbp674c:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon lbp1333c Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:lbp1333c:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon i-sensys_x_c1333p Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:i-sensys_x_c1333p:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon i-sensys_lbp673cdw Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:i-sensys_lbp673cdw:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon mf1333c Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:mf1333c:-:*:*:*:*:*:*:*
    Create a notification for this product.
    canon mf750c Affected: 0 , ≤ 3.07 (custom)
        cpe:2.3:h:canon:mf750c:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:canon:lbp674c:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lbp674c",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:lbp1333c:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lbp1333c",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:i-sensys_x_c1333p:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "i-sensys_x_c1333p",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:i-sensys_lbp673cdw:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "i-sensys_lbp673cdw",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:mf1333c:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mf1333c",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:canon:mf750c:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mf750c",
                "vendor": "canon",
                "versions": [
                  {
                    "lessThanOrEqual": "3.07",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-04T14:15:16.906621Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:16:57.552Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:17.875Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:23:28.727Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6234",
        "datePublished": "2024-02-06T00:23:28.727Z",
        "dateReserved": "2023-11-21T06:05:11.045Z",
        "dateUpdated": "2024-08-02T08:21:17.875Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6233 (GCVE-0-2023-6233)

    Vulnerability from cvelistv5 – Published: 2024-02-06 00:23 – Updated: 2025-06-17 21:29
    VLAI
    Summary
    Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:18.092Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6233",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T14:35:58.316771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:27.325Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:23:05.601Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6233",
        "datePublished": "2024-02-06T00:23:05.601Z",
        "dateReserved": "2023-11-21T06:05:08.309Z",
        "dateUpdated": "2025-06-17T21:29:27.325Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6232 (GCVE-0-2023-6232)

    Vulnerability from cvelistv5 – Published: 2024-02-06 00:22 – Updated: 2025-06-17 21:29
    VLAI
    Summary
    Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:17.927Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T14:35:58.316771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:27.066Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:22:31.201Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6232",
        "datePublished": "2024-02-06T00:22:31.201Z",
        "dateReserved": "2023-11-21T06:05:05.768Z",
        "dateUpdated": "2025-06-17T21:29:27.066Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6231 (GCVE-0-2023-6231)

    Vulnerability from cvelistv5 – Published: 2024-02-06 00:22 – Updated: 2025-06-17 21:29
    VLAI
    Summary
    Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:17.935Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://psirt.canon/advisory-information/cp2024-001/"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://canon.jp/support/support-info/240205vulnerability-response"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.canon-europe.com/support/product-security-latest-news/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6231",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T14:35:58.316771Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:26.939Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Satera LBP670C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Satera MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS LBP674C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X LBP1333C",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Color imageCLASS X MF1333C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS LBP673Cdw",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333P",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "i-SENSYS MF750C Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "C1333i Series",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "03.07 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eBuffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\u003c/p\u003e"
                }
              ],
              "value": "Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS LBP674C/Color imageCLASS X LBP1333C/Color imageCLASS MF750C Series/Color imageCLASS X MF1333C Series firmware v03.07 and earlier sold in US. i-SENSYS LBP673Cdw/C1333P/i-SENSYS MF750C Series/C1333i Series firmware v03.07 and earlier sold in Europe.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T00:22:03.670Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2024-001/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/240205vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security-latest-news/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2023-6231",
        "datePublished": "2024-02-06T00:22:03.670Z",
        "dateReserved": "2023-11-21T06:05:03.518Z",
        "dateUpdated": "2025-06-17T21:29:26.939Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }