CVE-2024-12647
CRITICALDescription
Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
Is your site exposed to CVE-2024-12647?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| canon | mf455dw_firmware |
| canon | mf455dw |
| canon | mf453dw_firmware |
| canon | mf453dw |
| canon | mf452dw_firmware |
| canon | mf452dw |
| canon | mf451dw_firmware |
| canon | mf451dw |
| canon | mf465dw_firmware |
| canon | mf465dw |
| canon | mf462dw_firmware |
| canon | mf462dw |
| canon | mf656cdw_firmware |
| canon | mf656cdw |
| canon | mf654cdw_firmware |
| canon | mf654cdw |
| canon | mf653cdw_firmware |
| canon | mf653cdw |
| canon | mf652cw_firmware |
| canon | mf652cw |
| canon | mf1238_ii_firmware |
| canon | mf1238_ii |
| canon | mf1440_firmware |
| canon | mf1440 |
| canon | mf1643if_ii_firmware |
| canon | mf1643if_ii |
| canon | mf1643i_ii_firmware |
| canon | mf1643i_ii |
| canon | lbp237dw_firmware |
| canon | lbp237dw |
| canon | lbp236dw_firmware |
| canon | lbp236dw |
| canon | lbp247dw_firmware |
| canon | lbp247dw |
| canon | lbp246dw_firmware |
| canon | lbp246dw |
| canon | lbp633cdw_firmware |
| canon | lbp633cdw |
| canon | lbp632cdw_firmware |
| canon | lbp632cdw |
| canon | lbp1238_ii_firmware |
| canon | lbp1238_ii |
| canon | lbp1440_firmware |
| canon | lbp1440 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-12647? +
How severe is CVE-2024-12647? +
What products are affected by CVE-2024-12647? +
How do I check if I'm vulnerable to CVE-2024-12647? +
Related Vulnerabilities
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the …
LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. …
A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the …
LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a …
The method "sock_recvfrom_into()" of "asyncio.ProacterEventLoop" (Windows only) was missing a boundary check for the data buffer when using nbytes parameter. …
editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have …