#VU113617 Out-of-bounds write in FUJIFILM Business Innovation products - CVE-2025-48499
Published: August 4, 2025
Vulnerability identifier: #VU113617
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-48499
CWE-ID: CWE-787
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
DocuPrint CP225w
DocuPrint CP228w
DocuPrint CP115w
DocuPrint CP118w
DocuPrint CP116w
DocuPrint CP119w
DocuPrint CM225fw
DocuPrint CM228fw
DocuPrint CM115w
DocuPrint CM118w
Apeos 2150 N
Apeos 2350 NDA
Apeos 2150 ND
Apeos 2150 NDA
DocuPrint CP225w
DocuPrint CP228w
DocuPrint CP115w
DocuPrint CP118w
DocuPrint CP116w
DocuPrint CP119w
DocuPrint CM225fw
DocuPrint CM228fw
DocuPrint CM115w
DocuPrint CM118w
Apeos 2150 N
Apeos 2350 NDA
Apeos 2150 ND
Apeos 2150 NDA
Software vendor:
FUJIFILM Business Innovation
FUJIFILM Business Innovation
Description
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can use a specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet, trigger an out-of-bounds write and perform a denial of service (DoS) attack the target system.
Remediation
Install updates from vendor's website.