PT-2026-3191 · Canon · 1238I Ii+20
Published
2026-01-15
·
Updated
2026-03-16
·
CVE-2025-14236
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Satera LBP670C Series/Satera MF750C Series versions v06.02 and earlier
Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II versions v06.02 and earlier
i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II versions v06.02 and earlier
Description
A buffer overflow exists in the Address Book attribute tag processing of Small Office Multifunction Printers. This issue could allow an attacker on the same network segment to cause the device to become unresponsive or to execute arbitrary code.
Recommendations
Update Satera LBP670C Series/Satera MF750C Series firmware to a version later than v06.02.
Update Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware to a version later than v06.02.
Update i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware to a version later than v06.02.
Fix
RCE
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
1238P Ii
1238Pr Ii
1238I Ii
1238If Ii
Color Imageclass Lbp630C
Color Imageclass Mf650C Series
Satera Lbp670C Series
Satera Mf750C Series
I-Sensys Lbp230 Series
I-Sensys Lbp630C Series
I-Sensys Mf450 Series
I-Sensys Mf550 Series
I-Sensys Mf650C Series
Imageclass Lbp230 Series
Imageclass Mf450 Series
Imageclass X Lbp1238 Ii
Imageclass X Mf1238 Ii
Imageclass X Mf1643I Ii
Imageclass X Mf1643If Ii
Imagerunner 1643I Ii
Imagerunner 1643If Ii