CVE-2025-48499_CVE-2025-48499

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Description

Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition.

Basic Information

ID CVE-2025-48499

Source jpcert

Published Aug 4, 2025 at 05:17

Modified Aug 7, 2025 at 16:05

Affected Product

Vendor FUJIFILM Business Innovation Corp.

Product DocuPrint CP225 w

Version 01.23.02 and earlier

Affected Versions FUJIFILM Business Innovation Corp. DocuPrint CP225 w 01.23.02 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CP228 w 01.23.02 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CP115 w 01.09.00 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CP118 w 01.09.00 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CP116 w 01.09.00 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CP119 w 01.09.00 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CM225 fw 01.12.02 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CM228 fw 01.12.02 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CM115 w 01.09.01 and earlier
FUJIFILM Business Innovation Corp. DocuPrint CM118 w 01.09.01 and earlier
FUJIFILM Business Innovation Corp. Apoes 2150 N 01.00.47 and earlier
FUJIFILM Business Innovation Corp. Apoes 2350 NDA 01.00.47 and earlier
FUJIFILM Business Innovation Corp. Apoes 2150 ND 01.00.47 and earlier
FUJIFILM Business Innovation Corp. Apoes 2150 NDA 01.00.47 and earlier

CWE Classification

CWE-787

References

{
    "lastseen": "",
    "description": "Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition.",
    "published": "2025-08-04T05:17:01.537Z",
    "modified": "2025-08-07T16:05:44.214Z",
    "type": "cve",
    "title": "CVE-2025-48499",
    "source": "jpcert",
    "references": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0804_announce.html\nhttps://jvn.jp/en/vu/JVNVU93897456/",
    "id": "CVE-2025-48499",
    "bulletinFamily": "",
    "cwe": [
        "CWE-787"
    ],
    "cvelist": null,
    "sourceData": "FUJIFILM Business Innovation Corp. DocuPrint CP225 w 01.23.02 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CP228 w 01.23.02 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CP115 w 01.09.00 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CP118 w 01.09.00 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CP116 w 01.09.00 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CP119 w 01.09.00 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CM225 fw 01.12.02 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CM228 fw 01.12.02 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CM115 w 01.09.01 and earlier\nFUJIFILM Business Innovation Corp. DocuPrint CM118 w 01.09.01 and earlier\nFUJIFILM Business Innovation Corp. Apoes 2150 N 01.00.47 and earlier\nFUJIFILM Business Innovation Corp. Apoes 2350 NDA 01.00.47 and earlier\nFUJIFILM Business Innovation Corp. Apoes 2150 ND 01.00.47 and earlier\nFUJIFILM Business Innovation Corp. Apoes 2150 NDA 01.00.47 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DocuPrint CP225 w",
    "version": "01.23.02 and earlier",
    "vendor": "FUJIFILM Business Innovation Corp.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}