CVE-2025-14237

Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.

Published: Jan 16, 2026
Updated: Jan 17, 2026
CVE: CVE-2025-14237
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
canon / mf455dw_firmware	-	06.02.x
canon / mf453dw_firmware	-	06.02.x
canon / mf452dw_firmware	-	06.02.x
canon / mf451dw_firmware	-	06.02.x
canon / mf654cdw_firmware	-	06.02.x
canon / mf656cdw_firmware	-	06.02.x
canon / mf653cdw_firmware	-	06.02.x
canon / mf652cw_firmware	-	06.02.x
canon / mf1238_ii_firmware	-	06.02.x
canon / mf1643if_ii_firmware	-	06.02.x
canon / mf1643i_ii_firmware	-	06.02.x
canon / lbp237dw_firmware	-	06.02.x
canon / lbp236dw_firmware	-	06.02.x
canon / lbp633cdw_firmware	-	06.02.x
canon / lbp632cdw_firmware	-	06.02.x
canon / lbp1238_ii_firmware	-	06.02.x

Vulnerability Database

322,905

CVE-2025-14237

Deep Security Visibility Without the Complexity