This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2025-14237.
ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability
Inhalt
Verknuepfte CVEs
| CVE-ID | Severity (CVE.org) | CVSS (CVE.org) | EPSS | EPSS-% | Veroeffentlicht (CVE.org) |
|---|---|---|---|---|---|
| CRITICAL | 9.8 | - | - | 2026-01-15 |
Quellen-Details
| Bezeichnung | Name | Kategorie | Tags | Zielgruppe | Sprache | Feed-URL |
|---|---|---|---|---|---|---|
| Zero Day Initiative (Published) | threat_intel | - | de | https://www.zerodayinitiative.com/rss/published/ |