CVE-2025-48499

Summary

Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition.

Affected Software

VendorProductVersion RangeStatus
FUJIFILM Business Innovation Corp.DocuPrint CP225 w01.23.02 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CP228 w01.23.02 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CP115 w01.09.00 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CP118 w01.09.00 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CP116 w01.09.00 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CP119 w01.09.00 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CM225 fw01.12.02 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CM228 fw01.12.02 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CM115 w01.09.01 and earlieraffected
FUJIFILM Business Innovation Corp.DocuPrint CM118 w01.09.01 and earlieraffected
FUJIFILM Business Innovation Corp.Apoes 2150 N01.00.47 and earlieraffected
FUJIFILM Business Innovation Corp.Apoes 2350 NDA01.00.47 and earlieraffected
FUJIFILM Business Innovation Corp.Apoes 2150 ND01.00.47 and earlieraffected
FUJIFILM Business Innovation Corp.Apoes 2150 NDA01.00.47 and earlieraffected

Weaknesses

  • CWE-787: Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References