CVE-2025-48499
📋 TL;DR
An out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs allows attackers to cause a denial-of-service condition by sending specially crafted IPP or LPD packets. Affected devices become unresponsive and require physical reset to recover. Organizations using vulnerable FUJIFILM MFPs are at risk.
💻 Affected Systems
- FUJIFILM Business Innovation MFPs
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Persistent DoS attacks could render printing infrastructure unavailable for extended periods, disrupting business operations.
Likely Case
Temporary service disruption requiring manual MFP reset, causing productivity loss during reset period.
If Mitigated
Minimal impact if network segmentation and access controls prevent unauthorized access to printing services.
🎯 Exploit Status
Exploitation requires crafting specific IPP/LPD packets but does not require authentication. No public exploit code known at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor firmware updates
Vendor Advisory: https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0804_announce.html
Restart Required: Yes
Instructions:
1. Check Fujifilm advisory for specific affected models. 2. Download latest firmware from Fujifilm support portal. 3. Apply firmware update following manufacturer instructions. 4. Verify update completion and service restoration.
🔧 Temporary Workarounds
Disable IPP/LPD Services
allTemporarily disable vulnerable printing protocols until patch can be applied
Access MFP web interface > Network Settings > Protocol Settings > Disable IPP and LPD
Network Segmentation
allRestrict access to printing services to authorized networks only
Configure firewall rules to allow printing protocols only from trusted subnets
🧯 If You Can't Patch
- Implement strict network access controls to limit who can communicate with MFPs on ports 631 (IPP) and 515 (LPD)
- Monitor MFP availability and implement alerting for unexpected device resets or service disruptions
🔍 How to Verify
Check if Vulnerable:
Check MFP firmware version against vendor advisory. Test by attempting to print via IPP/LPD and monitoring for service disruption.Check Version:
Access MFP web interface > System Settings > Firmware InformationVerify Fix Applied:
Verify firmware version has been updated. Test with legitimate IPP/LPD printing requests to ensure functionality is restored.📡 Detection & Monitoring
Log Indicators:
- Multiple failed IPP/LPD connection attempts
- Unexpected MFP reset events
- Print service interruption logs
Network Indicators:
- Unusual traffic patterns to port 631 (IPP) or 515 (LPD)
- Malformed IPP/LPD packets in network captures
SIEM Query:
source="mfp-logs" AND (event="service_reset" OR event="protocol_error")