CVE-2025-2146

Description

Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw/Satera MF551dw/Satera MF457dw firmware v05.07 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw/imageCLASS MF455dw/imageCLASS MF453dw/imageCLASS MF452dw/imageCLASS MF451dw/imageCLASS LBP237dw/imageCLASS LBP236dw/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II/imageCLASS X LBP1238 II firmware v05.07 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw/i-SENSYS MF553dw/i-SENSYS MF552dw/i-SENSYS MF455dw/i-SENSYS MF453dw/i-SENSYS LBP236dw/i-SENSYS LBP233dw/imageRUNNER 1643iF II/imageRUNNER 1643i II/i-SENSYS X 1238iF II/i-SENSYS X 1238i II/i-SENSYS X 1238P II/i-SENSYS X 1238Pr II firmware v05.07 and earlier sold in Europe.

References

Link	Tags
https://psirt.canon/advisory-information/cp2025-001/	vendor advisory
https://canon.jp/support/support-info/250127vulnerability-response	vendor advisory
https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers	vendor advisory
https://www.canon-europe.com/support/product-security/#news	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2025-2146?: CVE-2025-2146 has been scored as a critical severity vulnerability.
How to fix CVE-2025-2146?: To fix CVE-2025-2146, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-2146 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-2146 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-2146?: CVE-2025-2146 affects Canon Inc. Satera MF656Cdw, Canon Inc. Satera MF654Cdw, Canon Inc. Satera MF551dw, Canon Inc. Satera MF457dw, Canon Inc. Color imageCLASS MF656Cdw, Canon Inc. Color imageCLASS MF654Cdw, Canon Inc. Color imageCLASS MF653Cdw, Canon Inc. Color imageCLASS MF652Cdw, Canon Inc. Color imageCLASS LBP633Cdw, Canon Inc. Color imageCLASS LBP632Cdw, Canon Inc. imageCLASS MF455dw, Canon Inc. imageCLASS MF453dw, Canon Inc. imageCLASS MF452dw, Canon Inc. imageCLASS MF451dw, Canon Inc. imageCLASS LBP237dw, Canon Inc. imageCLASS LBP236dw, Canon Inc. imageCLASS X MF1238 II, Canon Inc. imageCLASS X MF1643i II, Canon Inc. imageCLASS X MF1643iF II, Canon Inc. imageCLASS X LBP1238 II, Canon Inc. i-SENSYS MF657Cdw, Canon Inc. i-SENSYS MF655Cdw, Canon Inc. i-SENSYS MF651Cdw, Canon Inc. i-SENSYS LBP633Cdw, Canon Inc. i-SENSYS LBP631Cdw, Canon Inc. i-SENSYS MF553dw, Canon Inc. i-SENSYS MF552dw, Canon Inc. i-SENSYS MF455dw, Canon Inc. i-SENSYS MF453dw, Canon Inc. i-SENSYS LBP236dw, Canon Inc. i-SENSYS LBP233dw, Canon Inc. imageRUNNER 1643iF II, Canon Inc. imageRUNNER 1643i II, Canon Inc. i-SENSYS X 1238iF II, Canon Inc. i-SENSYS X 1238i II, Canon Inc. i-SENSYS X 1238P II, Canon Inc. i-SENSYS X 1238Pr II.

Description

Category

CWE-787 – Out-of-bounds Write

References

Frequently Asked Questions