{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14234", "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "state": "PUBLISHED", "assignerShortName": "Canon", "dateReserved": "2025-12-07T23:53:37.575Z", "datePublished": "2026-01-15T23:38:13.313Z", "dateUpdated": "2026-01-17T04:55:18.163Z"}, "containers": {"cna": {"affected": [{"product": "Satera LBP670C Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "Satera MF750C Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "Color imageCLASS LBP630C", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "Color imageCLASS MF650C Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "imageCLASS LBP230 Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "imageCLASS X LBP1238 II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "imageCLASS MF450 Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "imageCLASS X MF1238 II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "imageCLASS X MF1643i II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "imageCLASS X MF1643iF II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "i-SENSYS LBP630C Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "i-SENSYS MF650C Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "i-SENSYS LBP230 Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "1238P II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "1238Pr II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "i-SENSYS MF450 Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "i-SENSYS MF550 Series", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "1238i II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "1238iF II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "imageRUNNER 1643i II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"product": "imageRUNNER 1643iF II", "vendor": "Canon Inc.", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.</p>"}], "value": "Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."}], "metrics": [{"cvssV4_0": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "shortName": "Canon", "dateUpdated": "2026-01-15T23:38:13.313Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://psirt.canon/advisory-information/cp2026-001/"}, {"tags": ["vendor-advisory"], "url": "https://canon.jp/support/support-info/260115vulnerability-response"}, {"tags": ["vendor-advisory"], "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"}, {"tags": ["vendor-advisory"], "url": "https://www.canon-europe.com/support/product-security/"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-16T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-14234"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-17T04:55:18.163Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14234", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-16T15:43:52.682676Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-16T15:43:55.923Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Canon Inc.", "product": "Satera LBP670C Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "Satera MF750C Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "Color imageCLASS LBP630C", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "Color imageCLASS MF650C Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "imageCLASS LBP230 Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "imageCLASS X LBP1238 II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "imageCLASS MF450 Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "imageCLASS X MF1238 II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "imageCLASS X MF1643i II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "imageCLASS X MF1643iF II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "i-SENSYS LBP630C Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "i-SENSYS MF650C Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "i-SENSYS LBP230 Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "1238P II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "1238Pr II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "i-SENSYS MF450 Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "i-SENSYS MF550 Series", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "1238i II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "1238iF II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "imageRUNNER 1643i II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}, {"vendor": "Canon Inc.", "product": "imageRUNNER 1643iF II", "versions": [{"status": "affected", "version": "06.02 and earlier"}]}], "references": [{"url": "https://psirt.canon/advisory-information/cp2026-001/", "tags": ["vendor-advisory"]}, {"url": "https://canon.jp/support/support-info/260115vulnerability-response", "tags": ["vendor-advisory"]}, {"url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers", "tags": ["vendor-advisory"]}, {"url": "https://www.canon-europe.com/support/product-security/", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.", "supportingMedia": [{"type": "text/html", "value": "<p>Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "shortName": "Canon", "dateUpdated": "2026-01-15T23:38:13.313Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14234", "state": "PUBLISHED", "dateUpdated": "2026-01-17T04:55:18.163Z", "dateReserved": "2025-12-07T23:53:37.575Z", "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "datePublished": "2026-01-15T23:38:13.313Z", "assignerShortName": "Canon"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf455dw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E97C016E-CE05-4F54-B4F6-CB44451E7025", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf455dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "376C5E10-0D6C-405D-BC63-BDE7257A8142", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf453dw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A65134F0-B34B-42BF-B0DD-3ED5DFB0EB08", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf453dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "020E1E4D-4055-446C-A403-544F50236262", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf452dw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DB87B25-98FE-47A0-B2C3-D2CDD0E08910", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf452dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C814016-6D9B-483D-9C29-95E4624C6CA4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf451dw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3440DC39-8EE8-49A3-96E4-09D1ED5112E2", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf451dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "700050B9-DA11-4D63-A3DB-D6924DD7F3DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf654cdw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6144CE24-D420-4253-A047-4B2A21E36153", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf654cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "396973A5-0427-460C-A268-F44DE2E54C29", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf656cdw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2070566-9E21-464F-A85E-B4677CAEB4C8", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf656cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4A3D591-82ED-42C4-B724-EDFA5E196066", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf653cdw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DC4A58D-AAD1-458B-A298-E9DDA48B8509", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf653cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "31A2712C-6508-4DA4-B1EE-4A665063D9E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf652cw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FE4781E-1F80-46BE-853A-34F637AEE709", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf652cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "E67819E8-5A16-4552-A5DC-07CC1207AC54", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf1238_ii_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F071041-7B34-44E2-BCC6-D35079DA4DE6", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf1238_ii:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B1DA9BB-15C1-4D4D-B73C-C995E859ACDC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf1643if_ii_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B14B75C-B5A9-4916-B0C2-140E4530D21A", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf1643if_ii:-:*:*:*:*:*:*:*", "matchCriteriaId": "264748B9-82FD-466C-894B-232305D930E4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf1643i_ii_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "54C17BA1-1D30-4810-B6CB-AA771115AE1C", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf1643i_ii:-:*:*:*:*:*:*:*", "matchCriteriaId": "60EF8B7A-8184-469E-AB2B-C13C24E4F01C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:lbp237dw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9012E07-C73F-4F78-A16C-305EA9F3AB76", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:lbp237dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "3406797E-EE0A-419B-862D-DBD8B505CCF6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:lbp236dw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFA67E60-E7A7-4D07-BB1E-D9E5971EB811", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:lbp236dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4077161-199F-44A0-AE33-BC999E06B8E6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:lbp633cdw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7739A1A2-C899-4C6C-AA80-DE1045E06C90", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:lbp633cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E319965-0012-44F0-92A1-481BACA5C140", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:lbp632cdw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "244CDE62-A03F-441D-A6BA-AEF7818DCFA1", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:lbp632cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "96F1019F-0C13-4FCD-B9C1-7B58D7080953", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:lbp1238_ii_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3360B837-2F0F-482A-BBE9-55FEA4441DC4", "versionEndIncluding": "06.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:lbp1238_ii:-:*:*:*:*:*:*:*", "matchCriteriaId": "555C8CC6-7E64-48A6-BC31-2CAA03FA8FCF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe."}], "id": "CVE-2025-14234", "lastModified": "2026-01-26T15:10:53.243", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "type": "Secondary"}]}, "published": "2026-01-16T00:16:27.767", "references": [{"source": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "tags": ["Vendor Advisory"], "url": "https://canon.jp/support/support-info/260115vulnerability-response"}, {"source": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "tags": ["Vendor Advisory"], "url": "https://psirt.canon/advisory-information/cp2026-001/"}, {"source": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "tags": ["Vendor Advisory"], "url": "https://www.canon-europe.com/support/product-security/"}, {"source": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "tags": ["Vendor Advisory"], "url": "https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers"}], "sourceIdentifier": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "f98c90f0-e9bd-4fa7-911b-51993f3571fd", "type": "Secondary"}]}

{}