A significant security flaw has been identified in multiple FUJIFILM printer models, potentially allowing attackers to execute denial-of-service (DoS) attacks by sending malicious network packets. This vulnerability, designated as CVE-2025-48499, was publicly disclosed on August 4, 2025, and affects various models within the DocuPrint and Apeos series.
Understanding the Vulnerability
The root cause of this vulnerability lies in an out-of-bounds write error within the printers’ buffer memory management system. Specifically, the flaw is triggered when the printers process Internet Printing Protocol (IPP) and Line Printer Daemon (LPD) packets. FUJIFILM’s security advisory explains that the issue arises during data writing operations, where the system fails to adequately validate the length of incoming data. Consequently, when the printers receive specially crafted packets of certain lengths, data can be written beyond the allocated buffer space, leading to system crashes and unresponsiveness.
Technical Classification and Severity
This vulnerability has been classified under Common Weakness Enumeration (CWE) as CWE-787, which pertains to out-of-bounds write conditions. It has been assigned a Common Vulnerability Scoring System (CVSS) v3.1 score of 5.3, indicating medium severity, and a CVSS v4.0 score of 6.9, also reflecting medium severity.
Affected Printer Models
The vulnerability impacts several FUJIFILM printer models, including:
– DocuPrint Series:
– CP225w
– CP228w
– CP115w
– CP118w
– CP116w
– CP119w
– CM225fw
– CM228fw
– CM115w
– CM118w
– Apeos Series:
– 2150N
– 2350NDA
– 2150ND
– 2150NDA
Each of these models is vulnerable in specific firmware versions released prior to the latest security patches.
Discovery and Reporting
The vulnerability was discovered by security researchers Jia-Ju Bai, Rui-Nan Hu, Dong Zhang, and Zhen-Yu Guan from Beihang University’s School of Cyber Science and Technology. Their findings underscore the critical role of academic research in identifying and mitigating security vulnerabilities within enterprise hardware.
Risk Assessment
The primary risk associated with this vulnerability is the potential for denial-of-service attacks. By exploiting this flaw, an unauthenticated attacker with network access to the printer can send specially crafted packets that cause the device to crash, rendering it inoperable until manually rebooted. This could lead to significant operational disruptions, especially in environments where printers are essential for daily business functions.
Mitigation Strategies
To address this vulnerability, FUJIFILM has released updated firmware versions for all affected printer models. The company strongly recommends that users immediately update their devices to these fixed firmware versions, which range from version 01.11.00 to 01.24.00, depending on the specific model.
In addition to firmware updates, FUJIFILM advises implementing the following temporary measures:
1. Network Segmentation: Place affected printers behind firewalls to restrict external access and reduce the risk of exploitation.
2. Manual Rebooting: If a printer becomes unresponsive due to an attack, perform a manual reboot to restore functionality.
Organizations utilizing the affected FUJIFILM printers should prioritize these firmware updates and consider network segmentation as an interim protective measure. By doing so, they can minimize potential attack vectors and ensure the continued security and operational efficiency of their printing infrastructure.
Conclusion
The discovery of CVE-2025-48499 highlights the ongoing challenges in securing network-connected devices, such as printers, which are often overlooked in cybersecurity strategies. This incident serves as a reminder of the importance of regular firmware updates and proactive security measures to protect against emerging threats.
