Description
Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw/Satera MF551dw/Satera MF457dw firmware v05.07 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw/imageCLASS MF455dw/imageCLASS MF453dw/imageCLASS MF452dw/imageCLASS MF451dw/imageCLASS LBP237dw/imageCLASS LBP236dw/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II/imageCLASS X LBP1238 II firmware v05.07 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw/i-SENSYS MF553dw/i-SENSYS MF552dw/i-SENSYS MF455dw/i-SENSYS MF453dw/i-SENSYS LBP236dw/i-SENSYS LBP233dw/imageRUNNER 1643iF II/imageRUNNER 1643i II/i-SENSYS X 1238iF II/i-SENSYS X 1238i II/i-SENSYS X 1238P II/i-SENSYS X 1238Pr II firmware v05.07 and earlier sold in Europe.
Products
- Canon i-SENSYS LBP233dw Firmware
- Canon i-SENSYS LBP236dw Firmware
- Canon i-SENSYS LBP631Cdw Firmware
- Canon i-SENSYS LBP633Cdw Firmware
- Canon I-SENSYS LBP633CDW Firmware
- Canon i-SENSYS MF453dw Firmware
- Canon i-SENSYS MF455dw Firmware
- Canon i-SENSYS MF552dw Firmware
- Canon i-SENSYS MF553dw Firmware
- Canon i-SENSYS MF651Cdw Firmware
- Canon i-SENSYS MF655Cdw Firmware
- Canon i-SENSYS MF657Cdw Firmware
- Canon i-SENSYS X 1238i II Firmware
- Canon i-SENSYS X 1238iF II Firmware
- Canon i-SENSYS X 1238P II Firmware
- Canon i-SENSYS X 1238PR II Firmware
- Canon ImageCLASS LBP236dw Firmware
- Canon ImageCLASS LBP237dw Firmware
- Canon imageCLASS LBP632Cdw Firmware
- Canon ImageCLASS LBP633Cdw Firmware
- Canon ImageCLASS MF451dw Firmware
- Canon imageCLASS MF452dw Firmware
- Canon imageCLASS MF453dw Firmware
- Canon imageCLASS MF455dw Firmware
- Canon ImageCLASS MF652Cdw Firmware
- Canon ImageCLASS MF653Cdw Firmware
- Canon ImageCLASS MF654Cdw Firmware
- Canon imageCLASS MF656Cdw Firmware
- Canon ImageCLASS X LBP1238 II Firmware
- Canon imageCLASS X MF1238 II Firmware
- Canon imageCLASS X MF1643i II Firmware
- Canon ImageCLASS X MF1643iF II Firmware
- Canon imageRUNNER 1643i II Firmware
- Canon imageRUNNER 1643iF II Firmware
- Canon Satera MF457dw Firmware
- Canon Satera MF551dw Firmware
- Canon Satera MF654Cdw Firmware
- Canon Satera MF656CDW Firmware
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2025-2146, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2025-2146 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References