PT-2025-1925 · Canon · i-SENSYS MF651Cdw +12

Neodyme · Published 2025-01-28 · Updated 2026-01-26 · CVE-2024-12648

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Color imageCLASS MF656Cdw versions 05.04 and earlier
Color imageCLASS MF654Cdw versions 05.04 and earlier
Color imageCLASS MF653Cdw versions 05.04 and earlier
Color imageCLASS MF652Cdw versions 05.04 and earlier
Color imageCLASS LBP633Cdw versions 05.04 and earlier
Color imageCLASS LBP632Cdw versions 05.04 and earlier
i-SENSYS MF657Cdw versions 05.04 and earlier
i-SENSYS MF655Cdw versions 05.04 and earlier
i-SENSYS MF651Cdw versions 05.04 and earlier
i-SENSYS LBP633Cdw versions 05.04 and earlier
i-SENSYS LBP631Cdw versions 05.04 and earlier
Satera MF656Cdw versions 05.04 and earlier
Satera MF654Cdw versions 05.04 and earlier

Description

A buffer overflow in the processing of EXIF tags in TIFF data on Small Office Multifunction Printers and Laser Printers may allow an attacker on the network segment to make the affected product unresponsive or to execute arbitrary code.

Recommendations

Color imageCLASS MF656Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
Color imageCLASS MF654Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
Color imageCLASS MF653Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
Color imageCLASS MF652Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
Color imageCLASS LBP633Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
Color imageCLASS LBP632Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
i-SENSYS MF657Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
i-SENSYS MF655Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
i-SENSYS MF651Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
i-SENSYS LBP633Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
i-SENSYS LBP631Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
Satera MF656Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.
Satera MF654Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.

Fix

RCE

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2024-12648
ZDI-25-074

Affected Products

Color imageCLASS LBP632Cdw
Color imageCLASS LBP633Cdw
Color imageCLASS MF652Cdw
Color imageCLASS MF653Cdw
Color imageCLASS MF654Cdw
Color imageCLASS MF656Cdw
Satera MF654Cdw
Satera MF656Cdw
i-SENSYS LBP631Cdw
i-SENSYS LBP633Cdw
i-SENSYS MF651Cdw
i-SENSYS MF655Cdw
i-SENSYS MF657Cdw