The vulnerability, designated CVE-2025-48499, impacts the Internet Printing Protocol (IPP) and Line Printer Daemon (LPD) protocol processing capabilities across various DocuPrint and Apeos printer series.
The security flaw stems from improper data validation during buffer memory operations within the printer’s protocol processing system.
According to FUJIFILM’s technical analysis, the vulnerability occurs because the printer’s existing logic fails to adequately validate data length parameters.
When packets of specific predetermined lengths are transmitted to affected devices, the incoming data may be written beyond the designated buffer memory area, triggering a buffer overflow condition that results in system instability.
The vulnerability is classified under CWE-400 (Uncontrolled Resource Consumption), indicating that malicious actors could potentially exploit this flaw to launch denial-of-service attacks against vulnerable printers.
The affected protocols—IPP, which handles modern network printing requests, and LPD, a legacy protocol still widely used in enterprise environments—represent critical communication pathways that could be targeted by attackers seeking to disrupt printing operations.
Security researchers from Beihang University’s School of Cyber Science and Technology, including Jia-Ju Bai, Rui-Nan Hu, Dong Zhang, and Zhen-Yu Guan, discovered and responsibly disclosed this vulnerability to FUJIFILM, enabling the company to develop appropriate countermeasures.
FUJIFILM has released updated firmware versions addressing the vulnerability across all affected product lines.
The DocuPrint CP225w and CP228w models require firmware version 01.24.00 or later, while the CP115w, CP116w, CP118w, and CP119w series need version 01.11.00 or later.
The DocuPrint CM225fw and CM228fw multifunction devices require firmware 01.13.00 or later, and the Apeos 2150 and 2350 series need version 01.20.50 or later.
As immediate protective measures, FUJIFILM recommends deploying affected printers behind properly configured firewalls to prevent external exploitation attempts.
Organizations should prioritize firmware updates and implement network segmentation strategies to isolate printing infrastructure from potentially malicious traffic.
In cases where printers experience freezing symptoms, administrators can restore functionality through device reboots while planning systematic firmware deployment across their printer fleets.
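To support that fleet-wide planning, here is an added example (not from FUJIFILM or the original article) that checks a printer inventory against the fixed firmware versions listed above. The CSV layout, the hostnames, and the assumption that inventory model strings contain the model code are illustrative; versions are compared numerically so that `1.20.5` is not mistaken for `01.20.50`.

```python
import csv
import io
import re
# Minimum fixed firmware per model, taken from the article above.
FIXED = {
    "CP225W": "01.24.00", "CP228W": "01.24.00",
    "CP115W": "01.11.00", "CP116W": "01.11.00",
    "CP118W": "01.11.00", "CP119W": "01.11.00",
    "CM225FW": "01.13.00", "CM228FW": "01.13.00",
    "APEOS2150": "01.20.50", "APEOS2350": "01.20.50",
}

def parse_version(text):
    """'01.24.00' -> (1, 24, 0); None when the field is not dotted numeric."""
    if not re.fullmatch(r"\d+(\.\d+)*", text.strip()):
        return None
    return tuple(int(part) for part in text.split("."))

def model_key(model):
    """Map an inventory string such as 'DocuPrint CP225 w' to a FIXED key."""
    compact = re.sub(r"[\s_-]", "", model.upper())
    return next((k for k in FIXED if k in compact), None)

def audit(inventory_csv):
    """Return (host, status) for each row of a host,model,firmware CSV."""
    results = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        key, have = model_key(row["model"]), parse_version(row["firmware"])
        if key is None:
            status = "not-listed"
        elif have is None:
            status = "check-manually"  # never assume an unreadable version is safe
        elif have >= parse_version(FIXED[key]):
            status = "patched"
        else:
            status = "update-required"
        results.append((row["host"], status))
    return results

# Constructed sample inventory: hostnames and firmware values are made up.
SAMPLE = """host,model,firmware
prn-01,DocuPrint CP225 w,01.23.09
prn-02,DocuPrint CM228 fw,01.13.00
prn-03,Apeos 2350,1.20.5
prn-04,DocuPrint CP116 w,unknown
prn-05,OtherVendor X100,2.0
"""
if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Rows reported as `check-manually` have a firmware field the script could not parse and should be verified on the device itself.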
The post FUJIFILM Printer Vulnerability Allows Attackers to Trigger Denial-of-Service appeared first on Cyber Security News.