CVE-2024-12647

Severity: Critical
Published: 28 January 2025
Modified: 26 January 2026
CVSS v3.1 score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.0031 (54.2nd percentile)
Risk priority: 20 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-12647 is a critical-severity out-of-bounds write (CWE-787) vulnerability in Canon MF455dw firmware. Its CVSS v3.1 base score is 9.8 (Critical).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 45.8% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2024-12647 is a buffer overflow vulnerability (CWE-787) in the CPCA font download processing component of certain Canon Small Office Multifunction Printers and Laser Printers. It affects Satera MF656Cdw and MF654Cdw (Japan), Color imageCLASS MF656Cdw, MF654Cdw, MF653Cdw, MF652Cdw, LBP633Cdw, and LBP632Cdw (US), and i-SENSYS MF657Cdw, MF655Cdw, MF651Cdw, LBP633Cdw, and LBP631Cdw (Europe), all running firmware version v05.04 and earlier. The vulnerability carries a CVSS v3.1 base score of 9.8, reflecting its critical severity.

An unauthenticated attacker on the same network segment can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Successful exploitation may cause the affected printer to become unresponsive (denial of service) or allow execution of arbitrary code, potentially compromising the device's integrity, confidentiality, and availability.

Canon has published advisories detailing responses to this vulnerability, including measures against the buffer overflow. Relevant support information is available at https://canon.jp/support/support-info/250127vulnerability-response, https://psirt.canon/advisory-information/cp2025-001/, https://www.canon-europe.com/support/product-security/#news, and https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers.

Vulnerability details

Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.

*: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1210 Exploitation of Remote Services (Lateral Movement): Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

The buffer overflow enables remote, unauthenticated RCE or DoS against an exposed network service on the printers, which maps directly to exploitation of a public-facing application (T1190) and exploitation of a remote service (T1210).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-12649 (same product: Canon LBP1238 II)
CVE-2024-12648 (same product: Canon LBP1238 II)
CVE-2025-14231 (same product: Canon LBP1238 II)
CVE-2025-14232 (same product: Canon LBP1238 II)
CVE-2025-14237 (same product: Canon LBP1238 II)
CVE-2025-14234 (same product: Canon LBP1238 II)
CVE-2025-14235 (same product: Canon LBP1238 II)
CVE-2025-14236 (same product: Canon LBP1238 II)
CVE-2025-14233 (same product: Canon LBP1238 II)
CVE-2026-22853 (shared CWE-787)

Affected Assets

Vendor | Product | Affected versions
canon | mf455dw firmware | ≤ 05.04
canon | mf453dw firmware | ≤ 05.04
canon | mf452dw firmware | ≤ 05.04
canon | mf451dw firmware | ≤ 05.04
canon | mf465dw firmware | ≤ 05.04
canon | mf462dw firmware | ≤ 05.04
canon | mf656cdw firmware | ≤ 05.04
canon | mf654cdw firmware | ≤ 05.04
canon | mf653cdw firmware | ≤ 05.04
canon | mf652cw firmware | ≤ 05.04
+12 more product configuration(s) — see NVD for full list

Mitigating Controls (NIST 800-53 r5)

Prevent: Directly remediates the buffer overflow in CPCA font download processing by applying Canon-provided firmware updates.

Prevent (SI-10, Information Input Validation): Prevents buffer overflow exploitation by validating and sanitizing font download inputs so that they cannot exceed buffer capacities.

Prevent (SI-16, Memory Protection): Mitigates arbitrary code execution from the buffer overflow through memory protections such as non-executable stacks and address space layout randomization.
