CVE-2025-48499

Description

Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition.

Category

6.9
CVSS
Severity: Medium
CVSS 4.0 •
CVSS 3.1 •
EPSS 0.04%
Affected: FUJIFILM Business Innovation Corp. DocuPrint CP225 w
Affected: FUJIFILM Business Innovation Corp. DocuPrint CP228 w
Affected: FUJIFILM Business Innovation Corp. DocuPrint CP115 w
Affected: FUJIFILM Business Innovation Corp. DocuPrint CP118 w
Affected: FUJIFILM Business Innovation Corp. DocuPrint CP116 w
Affected: FUJIFILM Business Innovation Corp. DocuPrint CP119 w
Affected: FUJIFILM Business Innovation Corp. DocuPrint CM225 fw
Affected: FUJIFILM Business Innovation Corp. DocuPrint CM228 fw
Affected: FUJIFILM Business Innovation Corp. DocuPrint CM115 w
Affected: FUJIFILM Business Innovation Corp. DocuPrint CM118 w
Affected: FUJIFILM Business Innovation Corp. Apoes 2150 N
Affected: FUJIFILM Business Innovation Corp. Apoes 2350 NDA
Affected: FUJIFILM Business Innovation Corp. Apoes 2150 ND
Affected: FUJIFILM Business Innovation Corp. Apoes 2150 NDA
Published at:
Updated at:

References

Link Tags
https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0804_announce.html
https://jvn.jp/en/vu/JVNVU93897456/

Frequently Asked Questions

What is the severity of CVE-2025-48499?
CVE-2025-48499 has been scored as a medium severity vulnerability.
How to fix CVE-2025-48499?
To fix CVE-2025-48499, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-48499 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-48499 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-48499?
CVE-2025-48499 affects FUJIFILM Business Innovation Corp. DocuPrint CP225 w, FUJIFILM Business Innovation Corp. DocuPrint CP228 w, FUJIFILM Business Innovation Corp. DocuPrint CP115 w, FUJIFILM Business Innovation Corp. DocuPrint CP118 w, FUJIFILM Business Innovation Corp. DocuPrint CP116 w, FUJIFILM Business Innovation Corp. DocuPrint CP119 w, FUJIFILM Business Innovation Corp. DocuPrint CM225 fw, FUJIFILM Business Innovation Corp. DocuPrint CM228 fw, FUJIFILM Business Innovation Corp. DocuPrint CM115 w, FUJIFILM Business Innovation Corp. DocuPrint CM118 w, FUJIFILM Business Innovation Corp. Apoes 2150 N, FUJIFILM Business Innovation Corp. Apoes 2350 NDA, FUJIFILM Business Innovation Corp. Apoes 2150 ND, FUJIFILM Business Innovation Corp. Apoes 2150 NDA.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.