CVE-2025-14233

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-14233
Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://canon.jp/support/support-info/260115vulnerability-response Vendor Advisory
https://psirt.canon/advisory-information/cp2026-001/ Vendor Advisory
https://www.canon-europe.com/support/product-security/ Vendor Advisory
https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:canon:mf455dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf455dw:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:canon:mf453dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf453dw:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:canon:mf452dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf452dw:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:canon:mf451dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf451dw:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:canon:mf654cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf654cdw:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:canon:mf656cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf656cdw:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:canon:mf653cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf653cdw:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:canon:mf652cw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf652cdw:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:canon:mf1238_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf1238_ii:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:canon:mf1643if_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf1643if_ii:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:canon:mf1643i_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf1643i_ii:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:canon:lbp237dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp237dw:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:canon:lbp236dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp236dw:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:canon:lbp633cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp633cdw:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:canon:lbp632cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp632cdw:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:canon:lbp1238_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp1238_ii:-:*:*:*:*:*:*:*
History

26 Jan 2026, 15:10

Type Values Removed Values Added
CPE cpe:2.3:o:canon:lbp237dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf451dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf656cdw:-:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf451dw:-:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf654cdw:-:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf1643if_ii:-:*:*:*:*:*:*:*
cpe:2.3:o:canon:lbp633cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf455dw:-:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf453dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canon:lbp632cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf1238_ii:-:*:*:*:*:*:*:*
cpe:2.3:o:canon:lbp236dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canon:lbp1238_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf652cw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf652cdw:-:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp632cdw:-:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf656cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf1643if_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf453dw:-:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf653cdw:-:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp1238_ii:-:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf654cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf653cdw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf1643i_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf1643i_ii:-:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf1238_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf452dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp236dw:-:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp633cdw:-:*:*:*:*:*:*:*
cpe:2.3:h:canon:mf452dw:-:*:*:*:*:*:*:*
cpe:2.3:o:canon:mf455dw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:canon:lbp237dw:-:*:*:*:*:*:*:*
First Time Canon lbp237dw
Canon mf455dw
Canon lbp1238 Ii
Canon lbp1238 Ii Firmware
Canon mf653cdw Firmware
Canon lbp633cdw Firmware
Canon mf653cdw
Canon lbp632cdw Firmware
Canon lbp236dw
Canon mf451dw
Canon mf453dw Firmware
Canon mf1238 Ii
Canon lbp633cdw
Canon mf1643if Ii
Canon lbp236dw Firmware
Canon mf652cw Firmware
Canon mf1643i Ii Firmware
Canon mf1238 Ii Firmware
Canon lbp237dw Firmware
Canon mf654cdw Firmware
Canon mf1643if Ii Firmware
Canon lbp632cdw
Canon mf1643i Ii
Canon mf453dw
Canon mf452dw
Canon mf452dw Firmware
Canon mf455dw Firmware
Canon mf654cdw
Canon mf652cdw
Canon mf656cdw Firmware
Canon
Canon mf656cdw
Canon mf451dw Firmware
References () https://canon.jp/support/support-info/260115vulnerability-response - () https://canon.jp/support/support-info/260115vulnerability-response - Vendor Advisory
References () https://psirt.canon/advisory-information/cp2026-001/ - () https://psirt.canon/advisory-information/cp2026-001/ - Vendor Advisory
References () https://www.canon-europe.com/support/product-security/ - () https://www.canon-europe.com/support/product-security/ - Vendor Advisory
References () https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers - () https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers - Vendor Advisory

16 Jan 2026, 00:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-01-16 00:16

Updated : 2026-01-26 15:10

NVD link : CVE-2025-14233

Mitre link : CVE-2025-14233

CVE.ORG link : CVE-2025-14233

JSON object : View

Products Affected

canon

  • mf455dw_firmware
  • lbp632cdw_firmware
  • mf1238_ii
  • mf656cdw_firmware
  • lbp237dw_firmware
  • mf453dw
  • mf1643i_ii
  • mf1643if_ii_firmware
  • mf452dw
  • lbp237dw
  • mf654cdw
  • mf654cdw_firmware
  • lbp633cdw_firmware
  • mf453dw_firmware
  • mf451dw
  • mf653cdw
  • mf1643i_ii_firmware
  • mf452dw_firmware
  • mf1643if_ii
  • mf656cdw
  • mf1238_ii_firmware
  • lbp236dw_firmware
  • lbp1238_ii_firmware
  • mf455dw
  • lbp236dw
  • mf451dw_firmware
  • lbp632cdw
  • mf652cdw
  • lbp1238_ii
  • mf652cw_firmware
  • lbp633cdw
  • mf653cdw_firmware
CWE
CWE-763

Release of Invalid Pointer or Reference