CVE-2024-12648

None

Description

Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.

INFO

Published Date :

2025-01-28T00:39:15.098Z

Last Modified :

2025-01-28T15:17:30.024Z

Source :

Canon

AFFECTED PRODUCTS

The following products are affected by CVE-2024-12648 vulnerability.

Vendors	Products
Canon	Lbp1238 Ii Lbp1238 Ii Firmware Lbp1440 Lbp1440 Firmware Lbp236dw Lbp236dw Firmware Lbp237dw Lbp237dw Firmware Lbp246dw Lbp246dw Firmware Lbp247dw Lbp247dw Firmware Lbp632cdw Lbp632cdw Firmware Lbp633cdw Lbp633cdw Firmware Mf1238 Ii Mf1238 Ii Firmware Mf1440 Mf1440 Firmware Mf1643i Ii Mf1643i Ii Firmware Mf1643if Ii Mf1643if Ii Firmware Mf451dw Mf451dw Firmware Mf452dw Mf452dw Firmware Mf453dw Mf453dw Firmware Mf455dw Mf455dw Firmware Mf462dw Mf462dw Firmware Mf465dw Mf465dw Firmware Mf652cw Mf652cw Firmware Mf653cdw Mf653cdw Firmware Mf654cdw Mf654cdw Firmware Mf656cdw Mf656cdw Firmware

Vendors

Products

Canon

Lbp1238 Ii
Lbp1238 Ii Firmware
Lbp1440
Lbp1440 Firmware
Lbp236dw
Lbp236dw Firmware
Lbp237dw
Lbp237dw Firmware
Lbp246dw
Lbp246dw Firmware
Lbp247dw
Lbp247dw Firmware
Lbp632cdw
Lbp632cdw Firmware
Lbp633cdw
Lbp633cdw Firmware
Mf1238 Ii
Mf1238 Ii Firmware
Mf1440
Mf1440 Firmware
Mf1643i Ii
Mf1643i Ii Firmware
Mf1643if Ii
Mf1643if Ii Firmware
Mf451dw
Mf451dw Firmware
Mf452dw
Mf452dw Firmware
Mf453dw
Mf453dw Firmware
Mf455dw
Mf455dw Firmware
Mf462dw
Mf462dw Firmware
Mf465dw
Mf465dw Firmware
Mf652cw
Mf652cw Firmware
Mf653cdw
Mf653cdw Firmware
Mf654cdw
Mf654cdw Firmware
Mf656cdw
Mf656cdw Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-12648.

URL	Resource
https://canon.jp/support/support-info/250127vulnerability-response
https://psirt.canon/advisory-information/cp2025-001/
https://www.canon-europe.com/support/product-security/#news
https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact