PT-2025-1924 · Canon · I-Sensys Mf651Cdw+12
Exluck
·
Published
2025-01-28
·
Updated
2026-01-26
·
CVE-2024-12647
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Satera MF656Cdw/Satera MF654Cdw versions v05.04 and earlier
Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw versions v05.04 and earlier
i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw versions v05.04 and earlier
Description
A buffer overflow issue exists in the CPCA font download processing of certain Small Office Multifunction Printers and Laser Printers. This may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.
Recommendations
Satera MF656Cdw/Satera MF654Cdw versions v05.04 and earlier: Update the firmware to a version later than v05.04.
Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw versions v05.04 and earlier: Update the firmware to a version later than v05.04.
i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw versions v05.04 and earlier: Update the firmware to a version later than v05.04.
Fix
RCE
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Color Imageclass Lbp632Cdw
Color Imageclass Lbp633Cdw
Color Imageclass Mf652Cdw
Color Imageclass Mf653Cdw
Color Imageclass Mf654Cdw
Color Imageclass Mf656Cdw
Satera Mf654Cdw
Satera Mf656Cdw
I-Sensys Lbp631Cdw
I-Sensys Lbp633Cdw
I-Sensys Mf651Cdw
I-Sensys Mf655Cdw
I-Sensys Mf657Cdw