We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-2146



Description

Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw/Satera MF551dw/Satera MF457dw firmware v05.07 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw/imageCLASS MF455dw/imageCLASS MF453dw/imageCLASS MF452dw/imageCLASS MF451dw/imageCLASS LBP237dw/imageCLASS LBP236dw/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II/imageCLASS X LBP1238 II firmware v05.07 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw/i-SENSYS MF553dw/i-SENSYS MF552dw/i-SENSYS MF455dw/i-SENSYS MF453dw/i-SENSYS LBP236dw/i-SENSYS LBP233dw/imageRUNNER 1643iF II/imageRUNNER 1643i II/i-SENSYS X 1238iF II/i-SENSYS X 1238i II/i-SENSYS X 1238P II/i-SENSYS X 1238Pr II firmware v05.07 and earlier sold in Europe.

Reserved 2025-03-10 | Published 2025-05-25 | Updated 2025-05-27 | Assigner Canon


CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-787: Out-of-bounds Write

Product status

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

05.07 and earlier
affected

References

psirt.canon/advisory-information/cp2025-001/ vendor-advisory

canon.jp/support/support-info/250127vulnerability-response vendor-advisory

www.usa.canon.com/...d-small-office-multifunctional-printers vendor-advisory

www.canon-europe.com/support/product-security/ vendor-advisory

cve.org (CVE-2025-2146)

nvd.nist.gov (CVE-2025-2146)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-2146

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.