CVE-2024-12648

CVE-2024-12648 is a buffer overflow vulnerability (CWE-787) in the processing of TIFF data EXIF tags within the firmware of certain Canon Small Office Multifunction Printers and Laser Printers. It affects specific models including Satera MF656Cdw/MF654Cdw (firmware v05.04 and earlier, sold in Japan), Color imageCLASS MF656Cdw/MF654Cdw/MF653Cdw/MF652Cdw and LBP633Cdw/LBP632Cdw (firmware v05.04 and earlier, sold in the US), and i-SENSYS MF657Cdw/MF655Cdw/MF651Cdw, LBP633Cdw, and LBP631Cdw (firmware v05.04 and earlier, sold in Europe). The vulnerability carries a CVSS v3.1 base score of 9.8 (Critical), reflecting its network accessibility, low attack complexity, and lack of prerequisites.

An unauthenticated attacker on the same network segment can exploit this vulnerability remotely by sending maliciously crafted TIFF data to the affected device. Successful exploitation may cause the printer to become unresponsive (denial of service) or allow arbitrary code execution, potentially compromising confidentiality, integrity, and availability with high impact.

Canon has published advisories detailing the vulnerability response, including mitigation measures and patch information, available at support pages such as https://canon.jp/support/support-info/250127vulnerability-response, https://psirt.canon/advisory-information/cp2025-001/, https://www.canon-europe.com/support/product-security/#news, and https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers. Security practitioners should review these for firmware updates and apply them promptly to vulnerable devices.