CVE-2025-14237 is a critical security vulnerability classified as CWE-787 (Out-of-bounds Write) affecting Canon Inc.'s Satera LBP670C Series and several related multifunction and laser printers, including Color imageCLASS and i-SENSYS series sold in Europe, Japan, and the US. The flaw resides in the XPS font parsing functionality within the printer firmware (version 06.02 and earlier). Specifically, a buffer overflow occurs when processing XPS font data, allowing an attacker on the same network segment to send specially crafted print jobs that trigger out-of-bounds memory writes. This can lead to the printer becoming unresponsive (denial of service) or, more critically, enable arbitrary code execution on the device. The vulnerability requires no authentication or user interaction, and the attack vector is network-based, making it highly exploitable in environments where the printer is accessible. The CVSS 4.0 base score is 9.3, reflecting the critical nature of this vulnerability with high impact on confidentiality, integrity, and availability. Although no public exploits have been reported yet, the vulnerability's characteristics suggest that exploitation could lead to full compromise of the printer, potentially allowing attackers to pivot into internal networks or intercept sensitive print data. The affected firmware versions are widespread across multiple Canon printer models, including those sold in Europe, emphasizing the need for urgent mitigation. No official patches have been linked yet, but Canon is the assigner and the vulnerability is publicly disclosed as of January 2026.

For European organizations, this vulnerability poses a significant risk due to the widespread deployment of affected Canon printer models in offices and small businesses. Exploitation could lead to denial of service, disrupting printing operations critical for daily business functions. More severely, arbitrary code execution on printers can provide attackers with a foothold inside corporate networks, enabling lateral movement, data exfiltration, or further compromise of connected systems. Since printers often have network access and may not be as rigorously secured or monitored as other endpoints, they represent an attractive attack vector. Confidential documents sent to printers could be intercepted or manipulated, impacting data confidentiality and integrity. The lack of authentication and user interaction requirements lowers the barrier for attackers, increasing the likelihood of exploitation in environments where printers are accessible on the network. This vulnerability could also affect compliance with data protection regulations such as GDPR if sensitive information is exposed or compromised.

European organizations should immediately identify all affected Canon printer models running firmware version 06.02 or earlier. Until official patches are released by Canon, organizations should implement strict network segmentation to isolate printers from critical IT infrastructure and restrict access to trusted users and devices only. Employ network monitoring and intrusion detection systems to detect anomalous print job traffic or exploitation attempts targeting XPS font parsing. Disable or restrict remote printing protocols where feasible, and enforce strong access controls on printer management interfaces. Regularly audit printer firmware versions and plan for prompt updates once Canon releases security patches. Additionally, consider deploying endpoint security solutions capable of monitoring printer network traffic and behavior. Educate IT staff about this vulnerability to ensure rapid response to any suspicious activity. Finally, review and enhance logging on printers to capture detailed records of print jobs and administrative actions for forensic analysis if needed.