Cyber Posture

CVE-2024-12649

Critical

Published: 28 January 2025
Modified: 26 January 2026
KEV Added: not listed
Patch: vendor firmware update available
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0031 (53.8th percentile)
Risk Priority: 20 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-12649 is a critical-severity out-of-bounds write (CWE-787) vulnerability in the firmware of Canon small-office multifunction and laser printers; NVD tracks it against product configurations such as the MF455dw firmware (see Affected Products below). Its CVSS v3.1 base score is 9.8 (Critical).

Operationally, its EPSS score places it in the top 46.2% of CVEs by predicted exploit likelihood (53.8th percentile), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-2 (Flaw Remediation).

Threat & Defense Details

Mitigating Controls (NIST SP 800-53 r5)

SI-2 Flaw Remediation (prevent): Vendor firmware updates directly remediate the buffer overflow in XPS font processing on affected Canon printers. Every listed model is affected at firmware v05.04 and earlier, so the check is simply whether each device runs a later build.

SC-7 Boundary Protection (prevent): Firewalls and network segmentation keep unauthenticated attackers on other segments from reaching the printer's print-job intake. Because a crafted print job is the delivery path, restrict job submission to print servers and managed clients rather than leaving printers reachable from the general user network.

SI-16 Memory Protection (prevent): Memory protection such as non-executable data regions can reduce a successful overflow to a crash rather than code execution. On a printer this is a property of the vendor's firmware and hardware platform, not a setting defenders can enable themselves, so it does not substitute for patching.

NVD Description

Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.

Deeper analysis

CVE-2024-12649 is a buffer overflow vulnerability (CWE-787) in the XPS data font processing component of specific Canon Small Office Multifunction Printers and Laser Printers. Affected products include Satera MF656Cdw and MF654Cdw with firmware v05.04 and earlier sold in Japan; Color imageCLASS MF656Cdw, MF654Cdw, MF653Cdw, MF652Cdw, LBP633Cdw, and LBP632Cdw with firmware v05.04 and earlier sold in the US; and i-SENSYS MF657Cdw, MF655Cdw, MF651Cdw, LBP633Cdw, and LBP631Cdw with firmware v05.04 and earlier sold in Europe.

The vulnerability can be exploited by an unauthenticated attacker with low attack complexity and no user interaction. NVD's description scopes the attacker to the printer's network segment, while the CVSS v3.1 vector scores it as network-reachable (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8); in practice, any host that can submit print data to the device should be treated as able to reach the vulnerable code. Successful exploitation may leave the printer unresponsive (denial of service) or allow execution of arbitrary code, which is why the rating is critical across confidentiality, integrity, and availability.
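To make the bug class concrete, the following is an added example written for this page, not Canon's code and not a reconstruction of the actual defect: an sfnt (TrueType/OpenType) table-directory reader of the sort an XPS renderer runs over an embedded font part, shown in a vulnerable form next to a hardened one. The fixed scratch-buffer size, the decision to read only the first table record, the constructed sample part and all function names are assumptions chosen for illustration.

```c
/* Added example for this page: illustrative sfnt table-directory reader.
 * Not Canon firmware; buffer size, record handling and names are assumptions
 * about the general CWE-787 pattern, not a reconstruction of CVE-2024-12649. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TABLE_BUF_SIZE 64   /* hypothetical fixed scratch buffer for one table */

/* sfnt integers are big-endian. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* VULNERABLE (CWE-787): the first record's offset and length come straight
 * from the untrusted font part and drive a memcpy into a fixed buffer. */
int copy_first_table_vulnerable(const uint8_t *font, size_t font_len, uint8_t out[TABLE_BUF_SIZE]) {
    if (font_len < 12 + 16) return -1;          /* header plus one table record */
    uint32_t offset = rd32(font + 12 + 8);
    uint32_t length = rd32(font + 12 + 12);
    memcpy(out, font + offset, length);         /* neither source nor destination bound checked */
    return 0;
}

/* HARDENED: every value derived from the part is checked against the real part
 * size and the destination size, with arithmetic arranged so it cannot wrap. */
int copy_first_table_hardened(const uint8_t *font, size_t font_len, uint8_t out[TABLE_BUF_SIZE], size_t *out_len) {
    if (font_len < 12) return -1;
    uint16_t num_tables = rd16(font + 4);
    if (num_tables == 0 || (font_len - 12) / 16 < num_tables) return -1;   /* directory must fit */
    uint32_t offset = rd32(font + 12 + 8);
    uint32_t length = rd32(font + 12 + 12);
    if (length > TABLE_BUF_SIZE) return -1;                         /* destination bound */
    if (offset > font_len || length > font_len - offset) return -1; /* source bound, no wrap */
    memcpy(out, font + offset, length);
    *out_len = length;
    return 0;
}

/* Constructed sample part: 12-byte header, one 16-byte 'cmap' record, 8-byte body.
 * The caller chooses the offset/length the record claims, so the same helper
 * yields a well-formed part (28, 8) or a crafted one. */
size_t build_font_part(uint8_t *buf, size_t cap, uint32_t claimed_offset, uint32_t claimed_length) {
    const size_t total = 12 + 16 + 8;
    if (cap < total) return 0;
    memset(buf, 0, total);
    buf[1] = 0x01;                        /* sfntVersion 0x00010000 */
    buf[5] = 0x01;                        /* numTables = 1 */
    memcpy(buf + 12, "cmap", 4);          /* tag; checksum field left zero */
    wr32(buf + 12 + 8, claimed_offset);
    wr32(buf + 12 + 12, claimed_length);
    memcpy(buf + 28, "\x00\x00\x00\x01\x00\x03\x00\x01", 8);   /* table body */
    return total;
}

/* Well-formed part: both readers succeed; returns bytes copied (8) or -1. */
int check_valid_part(void) {
    uint8_t part[64], out[TABLE_BUF_SIZE]; size_t n = 0;
    size_t len = build_font_part(part, sizeof part, 28, 8);
    if (copy_first_table_vulnerable(part, len, out) != 0) return -1;
    if (copy_first_table_hardened(part, len, out, &n) != 0) return -1;
    return (int)n;
}

/* Length field far larger than the part: hardened reader must return -1.
 * (The vulnerable reader would write past `out` here, so it is not called.) */
int check_oversized_length(void) {
    uint8_t part[64], out[TABLE_BUF_SIZE]; size_t n = 0;
    size_t len = build_font_part(part, sizeof part, 28, 0xFFFFFFF0u);
    return copy_first_table_hardened(part, len, out, &n);
}

/* Offset chosen so offset + length wraps to 0x10 in 32-bit arithmetic; a naive
 * `offset + length <= font_len` test would pass. Hardened reader must return -1. */
int check_wrapping_offset(void) {
    uint8_t part[64], out[TABLE_BUF_SIZE]; size_t n = 0;
    size_t len = build_font_part(part, sizeof part, 0xFFFFFFF0u, 32);
    return copy_first_table_hardened(part, len, out, &n);
}

int main(void) {
    printf("well-formed part: %d bytes copied\n", check_valid_part());
    printf("oversized length rejected: %s\n", check_oversized_length() == -1 ? "yes" : "no");
    printf("wrapping offset rejected: %s\n", check_wrapping_offset() == -1 ? "yes" : "no");
    return 0;
}
```

The two bounds are deliberately separate: the destination check is what stops the out-of-bounds write into the scratch buffer, while the source check (written as `length > font_len - offset` after confirming `offset <= font_len`) stops both over-reads and the 32-bit wrap that a combined `offset + length` comparison would miss. Fuzzing an embedded font parser with exactly these two malformed records is a quick way to tell whether a rendering pipeline validates directory fields before copying.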

Canon advisories, such as PSIRT advisory CP2025-001 and regional support notices from Japan, Europe, and the US, detail vulnerability responses and measures against this buffer overflow in laser printers and small office multifunction printers. Security practitioners should consult these resources for patching instructions and firmware updates.

Details

CWE(s)

CWE-787: Out-of-bounds Write

Affected Products

Vendor   Product             Affected versions
canon    mf455dw firmware    ≤ 05.04
canon    mf453dw firmware    ≤ 05.04
canon    mf452dw firmware    ≤ 05.04
canon    mf451dw firmware    ≤ 05.04
canon    mf465dw firmware    ≤ 05.04
canon    mf462dw firmware    ≤ 05.04
canon    mf656cdw firmware   ≤ 05.04
canon    mf654cdw firmware   ≤ 05.04
canon    mf653cdw firmware   ≤ 05.04
canon    mf652cw firmware    ≤ 05.04

+12 more product configuration(s); see NVD for the full list.

CVEs Like This One

CVE-2024-12647 (same product: Canon LBP1238 II)
CVE-2024-12648 (same product: Canon LBP1238 II)
CVE-2025-14232 (same product: Canon LBP1238 II)
CVE-2025-14231 (same product: Canon LBP1238 II)
CVE-2025-14235 (same product: Canon LBP1238 II)
CVE-2025-14234 (same product: Canon LBP1238 II)
CVE-2025-14236 (same product: Canon LBP1238 II)
CVE-2025-14237 (same product: Canon LBP1238 II)
CVE-2025-14233 (same product: Canon LBP1238 II)
CVE-2025-20890 (shared CWE-787)
