CVE-2024-45320
📋 TL;DR
An out-of-bounds write vulnerability in Fujifilm DocuPrint multifunction printers allows attackers to cause denial-of-service by sending specially crafted printer job files. This affects specific DocuPrint CP and CM series models running vulnerable firmware versions. Organizations using these printers for document processing are at risk.
💻 Affected Systems
- DocuPrint CP225w
- DocuPrint CP228w
- DocuPrint CM225fw
- DocuPrint CM228fw
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete printer unavailability requiring physical reset or service, potentially disrupting business operations that depend on printing capabilities.
Likely Case
Temporary printer crash requiring manual reboot, causing printing delays and minor operational disruption.
If Mitigated
Limited impact with network segmentation and job filtering preventing malicious files from reaching printers.
🎯 Exploit Status
Exploitation requires crafting specific printer job files but doesn't require authentication. No public exploit code is currently available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: CP models: later than 01.22.01, CM models: later than 01.10.01
Vendor Advisory: https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0217_announce.html
Restart Required: Yes
Instructions:
1. Visit Fujifilm support website. 2. Download latest firmware for your specific model. 3. Upload firmware to printer via web interface. 4. Follow on-screen instructions to complete update. 5. Reboot printer after installation.
🔧 Temporary Workarounds
Network segmentation
allIsolate printers on separate VLANs with restricted access to prevent unauthorized print job submission.
Print job filtering
allImplement print server filtering to block suspicious or malformed print jobs before they reach vulnerable printers.
🧯 If You Can't Patch
- Disable direct printing from untrusted networks and require all jobs through secured print servers
- Implement monitoring for printer reboot events and unusual print job patterns
🔍 How to Verify
Check if Vulnerable:
Access printer web interface, navigate to Configuration/Status page, check firmware version against affected versions.Check Version:
Not applicable - check via printer web interface or physical display panelVerify Fix Applied:
After firmware update, verify version number is higher than affected versions in printer web interface.📡 Detection & Monitoring
Log Indicators:
- Printer crash/reboot logs
- Failed print job entries with unusual file characteristics
- Multiple connection attempts to printer ports
Network Indicators:
- Unusual traffic to printer ports (9100, 515, 631)
- Large or malformed print jobs from unexpected sources
SIEM Query:
source="printer_logs" AND (event="crash" OR event="reboot") OR dest_port IN (9100, 515, 631) AND bytes > 1000000