CVE-2025-14233
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-16
Last updated on: 2026-01-16
Assigner: Canon Inc.
Description
Description
Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| canon | satera_lbp670c_series | * |
| canon | satera_mf750c_series | to 06.02 (inc) |
| canon | color_imageclass_lbp630c | to 06.02 (inc) |
| canon | color_imageclass_mf650c_series | to 06.02 (inc) |
| canon | imageclass_lbp230_series | to 06.02 (inc) |
| canon | imageclass_x_lbp1238_ii | to 06.02 (inc) |
| canon | imageclass_mf450_series | to 06.02 (inc) |
| canon | imageclass_x_mf1238_ii | to 06.02 (inc) |
| canon | imageclass_x_mf1643i_ii | to 06.02 (inc) |
| canon | imageclass_x_mf1643if_ii | to 06.02 (inc) |
| canon | i-sensys_lbp630c_series | to 06.02 (inc) |
| canon | i-sensys_mf650c_series | to 06.02 (inc) |
| canon | i-sensys_lbp230_series | to 06.02 (inc) |
| canon | 1238p_ii | to 06.02 (inc) |
| canon | 1238pr_ii | to 06.02 (inc) |
| canon | i-sensys_mf450_series | to 06.02 (inc) |
| canon | i-sensys_mf550_series | to 06.02 (inc) |
| canon | 1238i_ii | to 06.02 (inc) |
| canon | 1238if_ii | to 06.02 (inc) |
| canon | imagerunner_1643i_ii | to 06.02 (inc) |
| canon | imagerunner_1643if_ii | to 06.02 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-763 | The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an invalid free in CPCA file deletion processing on certain Canon Small Office Multifunction Printers and Laser Printers. It may allow an attacker on the same network segment to cause the affected device to become unresponsive or to execute arbitrary code.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could make the affected printer unresponsive, disrupting its availability, or execute arbitrary code, potentially taking control of the device or using it as a foothold within the network.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70