
CVE-2025-48499: Out-of-bounds Write in FUJIFILM Business Innovation Corp. DocuPrint CP225 w

Severity: Medium
Published: Mon Aug 04 2025 (08/04/2025, 05:17:01 UTC)
Source: CVE Database V5
Vendor/Project: FUJIFILM Business Innovation Corp.
Product: DocuPrint CP225 w

Description

Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition.

AI-Powered Analysis

Last updated: 08/04/2025, 05:47:43 UTC

Technical Analysis

CVE-2025-48499 is an out-of-bounds write vulnerability identified in FUJIFILM Business Innovation Corp.'s multifunction printers (MFPs), specifically the DocuPrint CP225 w model with firmware versions 01.23.02 and earlier. The vulnerability arises from improper handling of specially crafted packets sent via the Internet Printing Protocol (IPP) or Line Printer Daemon (LPD) protocol, both commonly used network printing protocols. An attacker can exploit this vulnerability remotely without requiring authentication or user interaction by sending maliciously crafted IPP or LPD packets to the affected device. Successful exploitation results in an out-of-bounds write condition, which leads to a denial-of-service (DoS) state where the printer becomes unresponsive and requires a manual reset to recover. The CVSS v3.1 base score is 5.3, indicating a medium severity level. The attack vector is network-based (AV:N), with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The impact is limited to availability (A:L) with no confidentiality or integrity impact. No known exploits are currently reported in the wild, and no patches have been linked yet. This vulnerability could be leveraged by attackers to disrupt printing services in organizations relying on these devices, potentially impacting business operations that depend on printing capabilities.

Potential Impact

For European organizations, the primary impact of this vulnerability is service disruption due to denial-of-service conditions on affected FUJIFILM DocuPrint CP225 w MFPs. Organizations with critical printing needs—such as legal firms, government agencies, healthcare providers, and financial institutions—may experience operational delays or interruptions. While the vulnerability does not directly compromise data confidentiality or integrity, the loss of availability can hinder workflows, delay document processing, and reduce productivity. In environments where printing is integral to compliance or audit processes, such disruptions could indirectly affect regulatory adherence. Additionally, if attackers use this vulnerability as part of a broader attack campaign, it could serve as a vector for distraction or resource exhaustion. Given the lack of authentication requirements and ease of exploitation, attackers could launch DoS attacks from remote locations, including from outside the organization’s network if the devices are exposed to the internet or poorly segmented internal networks.

Mitigation Recommendations

European organizations should take proactive steps to mitigate this vulnerability beyond generic advice. First, conduct an immediate inventory of FUJIFILM DocuPrint CP225 w devices and verify firmware versions; prioritize upgrading devices to versions later than 01.23.02 once patches are released by the vendor. Until patches are available, restrict network access to these printers by implementing strict firewall rules that limit IPP and LPD protocol traffic to trusted management and user subnets only. Disable IPP and LPD services on devices if not required or replace them with more secure printing protocols. Employ network segmentation to isolate printers from critical infrastructure and sensitive data environments. Monitor network traffic for unusual or malformed IPP/LPD packets indicative of exploitation attempts. Establish incident response procedures to quickly reset affected devices and restore printing services. Engage with FUJIFILM Business Innovation Corp. for timely patch information and consider vendor support contracts to receive security updates promptly. Finally, educate IT staff about this vulnerability and ensure that printer firmware updates become part of regular patch management cycles.
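The inventory and access-restriction steps above can be combined into one triage pass. The script below is an added example, not part of the advisory or any vendor tooling: it flags DocuPrint CP225 w devices at firmware 01.23.02 or earlier and reports which of them accept IPP or LPD traffic from outside the trusted subnets. The host names, subnets, allow-lists and the 01.24.00 version string are constructed sample data; TCP 631 (IPP) and TCP 515 (LPD) are the standard registered ports.

```python
import ipaddress

# Affected per the advisory: DocuPrint CP225 w, firmware 01.23.02 and earlier.
AFFECTED_MODEL = "DocuPrint CP225 w"
LAST_AFFECTED = (1, 23, 2)
# Standard registered TCP ports for the two protocols named in the advisory.
PRINT_PORTS = {631: "IPP", 515: "LPD"}

# Constructed sample data (assumptions): replace with your asset and firewall export.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "10.20.1.0/24")]
INVENTORY = [
    {"host": "prn-legal-01", "model": "DocuPrint CP225 w", "firmware": "01.23.02",
     "allow": {631: ["10.20.0.0/24"], 515: []}},
    {"host": "prn-lobby-02", "model": "DocuPrint CP225 w", "firmware": "01.22.10",
     "allow": {631: ["0.0.0.0/0"], 515: ["10.0.0.0/8"]}},
    {"host": "prn-fin-03", "model": "DocuPrint CP225 w", "firmware": "01.24.00",  # hypothetical later build
     "allow": {631: ["10.20.1.0/25"], 515: []}},
]

def parse_version(text):
    """Turn '01.23.02' into (1, 23, 2) so comparison is numeric, not lexical."""
    return tuple(int(part) for part in text.strip().split("."))

def is_affected(device):
    return (device["model"] == AFFECTED_MODEL
            and parse_version(device["firmware"]) <= LAST_AFFECTED)

def untrusted_sources(device):
    """Return (protocol, cidr) pairs allowed in that are not inside TRUSTED_NETS."""
    findings = []
    for port, cidrs in device["allow"].items():
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)
            if not any(net.subnet_of(trusted) for trusted in TRUSTED_NETS):
                findings.append((PRINT_PORTS[port], cidr))
    return findings

def triage(inventory):
    """Map each affected host to its remediation priority and exposed rules."""
    report = {}
    for dev in inventory:
        if is_affected(dev):
            exposed = untrusted_sources(dev)
            report[dev["host"]] = {"priority": "high" if exposed else "normal",
                                   "exposed": exposed}
    return report

if __name__ == "__main__":
    for host, result in triage(INVENTORY).items():
        print(host, result)
```

Devices reported with priority `high` are the ones to tighten firewall rules on first, since they are both at an affected firmware level and reachable over IPP or LPD from untrusted ranges.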


Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-07-14T05:09:53.900Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 689045f5ad5a09ad00de9ea9

Added to database: 8/4/2025, 5:32:37 AM

Last enriched: 8/4/2025, 5:47:43 AM

Last updated: 8/4/2025, 5:47:43 AM
