{"cve":{"cve_id":"CVE-2024-12649","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.01109,"epss_percentile":0.61633,"epss_as_of":"2026-06-23","description":"Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.","published_at":"2025-01-28T00:39:54.686000Z","last_modified_at":null,"cvss_v3_score":9.8,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss_v3_severity":"CRITICAL","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-787"],"nvd_references":["https://psirt.canon/advisory-information/cp2025-001/","https://canon.jp/support/support-info/250127vulnerability-response","https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers","https://www.canon-europe.com/support/product-security/#news"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:50:55.206614Z"},"effective_severity":"CRITICAL","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"color-imageclass-lbp632cdw","product_name":"Color imageCLASS LBP632Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:color-imageclass-lbp632cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"color-imageclass-lbp633cdw","product_name":"Color imageCLASS LBP633Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:color-imageclass-lbp633cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"color-imageclass-mf652cdw","product_name":"Color imageCLASS MF652Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:color-imageclass-mf652cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"color-imageclass-mf653cdw","product_name":"Color imageCLASS MF653Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:color-imageclass-mf653cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"color-imageclass-mf654cdw","product_name":"Color imageCLASS MF654Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:color-imageclass-mf654cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"color-imageclass-mf656cdw","product_name":"Color imageCLASS MF656Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:color-imageclass-mf656cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"i-sensys-lbp631cdw","product_name":"i-SENSYS LBP631Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:i-sensys-lbp631cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"i-sensys-lbp633cdw","product_name":"i-SENSYS LBP633Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:i-sensys-lbp633cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"i-sensys-mf651cdw","product_name":"i-SENSYS MF651Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:i-sensys-mf651cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"i-sensys-mf655cdw","product_name":"i-SENSYS MF655Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:i-sensys-mf655cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"i-sensys-mf657cdw","product_name":"i-SENSYS MF657Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:i-sensys-mf657cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"satera-mf654cdw","product_name":"Satera MF654Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:satera-mf654cdw:05.04 and earlier:05.04 and earlier"},{"vendor_slug":"canon-inc.","vendor_name":"Canon Inc.","product_slug":"satera-mf656cdw","product_name":"Satera MF656Cdw","version_start":"05.04 and earlier","version_start_inclusive":true,"version_end":"05.04 and earlier","version_end_inclusive":true,"cpe23_uri":"cve5:canon-inc.:satera-mf656cdw:05.04 and earlier:05.04 and earlier"}],"exploit_refs":[],"news":[],"references":[{"url":"https://psirt.canon/advisory-information/cp2025-001/","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://canon.jp/support/support-info/250127vulnerability-response","source_type":"MISC","tags":[]},{"url":"https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.canon-europe.com/support/product-security/#news","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-01-28T00:39:54.686000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:32:38.180185Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:32:38.180185Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:32:38.180185Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:50:55.206614Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:50:55.206614Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:50:55.206614Z","label":"SSVC decision revised","source":"vulnrichment"}]}