CVE-2025-14233
Essential information
- Published
- 16/01/2026 00:16
- Modified
- 16/01/2026 15:55
- Author
- —
- Creator
- —
- CVSS
- 9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
—
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Privileges required
- —
- User interaction
- —
- Scope
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- NETWORK
- Attack complexity
- LOW
- Attack requirements
- NONE
- Privileges required
- NONE
- User interaction
- NONE
- Confidentiality (V)
- HIGH
- Confidentiality (S)
- NONE
- Integrity (V)
- HIGH
- Integrity (S)
- NONE
- Availability (V)
- HIGH
- Availability (S)
- NONE
- Exploit maturity
- NOT_DEFINED
Description
Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.
NVD status
- Status
- Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- f98c90f0-e9bd-4fa7-911b-51993f3571fd
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| canon / satera lbp670c | cpe:2.3:a:canon:satera_lbp670c:*:*:*:*:*:*:*:* |
| canon / satera mf750c | cpe:2.3:a:canon:satera_mf750c:*:*:*:*:*:*:*:* |
| canon / color imageclass lbp630c | cpe:2.3:a:canon:color_imageclass_lbp630c:*:*:*:*:*:*:*:* |
| canon / color imageclass mf650c | cpe:2.3:a:canon:color_imageclass_mf650c:*:*:*:*:*:*:*:* |
| canon / imageclass lbp230 | cpe:2.3:a:canon:imageclass_lbp230:*:*:*:*:*:*:*:* |
| canon / imageclass x lbp1238 ii | cpe:2.3:a:canon:imageclass_x_lbp1238_ii:*:*:*:*:*:*:*:* |
| canon / imageclass mf450 | cpe:2.3:a:canon:imageclass_mf450:*:*:*:*:*:*:*:* |
| canon / imageclass x mf1238 ii | cpe:2.3:a:canon:imageclass_x_mf1238_ii:*:*:*:*:*:*:*:* |
| canon / imageclass x mf1643i ii | cpe:2.3:a:canon:imageclass_x_mf1643i_ii:*:*:*:*:*:*:*:* |
| canon / imageclass x mf1643if ii | cpe:2.3:a:canon:imageclass_x_mf1643if_ii:*:*:*:*:*:*:*:* |
| canon / i-sensys lbp630c | cpe:2.3:a:canon:i-sensys_lbp630c:*:*:*:*:*:*:*:* |
| canon / i-sensys mf650c | cpe:2.3:a:canon:i-sensys_mf650c:*:*:*:*:*:*:*:* |
| canon / i-sensys lbp230 | cpe:2.3:a:canon:i-sensys_lbp230:*:*:*:*:*:*:*:* |
| canon / image runner 1643i ii | cpe:2.3:a:canon:image_runner_1643i_ii:*:*:*:*:*:*:*:* |
| canon / image runner 1643if ii | cpe:2.3:a:canon:image_runner_1643if_ii:*:*:*:*:*:*:*:* |