Saturday, December 13, 2025

FUJIFILM Printer Vulnerability Exposes Devices to Denial-of-Service Attacks

A newly disclosed vulnerability in FUJIFILM’s Internet Printing Protocol (IPP) and Line Printer Daemon (LPD) processing logic allows malicious actors to send specially crafted packets that can freeze affected printers, causing a denial-of-service (DoS) condition.

FUJIFILM has released firmware updates to address the issue and urges customers to apply patches promptly.

On August 4, 2025, FUJIFILM Business Innovation Corp. announced the discovery of an out-of-bounds write vulnerability (CVE-2025-48499) in several of its DocuPrint and Apeos series printers.

The vulnerability arises during the data-writing phase in the printer’s buffer memory. Specifically, the existing logic fails to properly validate the length of incoming IPP or LPD protocol packets.

When a packet of a certain length is received, the data can be written beyond the allocated buffer boundaries, leading to memory corruption and system instability.

Attackers exploiting this vulnerability need only send a maliciously constructed IPP or LPD request to any affected printer that is accessible over the network.

Upon processing the malformed packet, the printer’s firmware will attempt to write data past its buffer limit, causing the device to freeze. Recovery from this DoS state requires a manual reboot of the printer.

While no malicious code execution has been observed, the DoS condition can severely disrupt printing services in corporate, government, or educational environments.

CVE-2025-48499 has been assigned a CVSS v3.1 score of 5.3 (Medium) and a CVSS v4.0 score of 6.9 (Medium), reflecting its ease of exploitation over the network without any requirement for user interaction or authentication.

The vulnerability is categorized under CWE-787: Out-of-bounds Write, indicating that improper bounds checking in the packet handling routine is the root cause.

FUJIFILM Printer Vulnerability

FUJIFILM has identified multiple device models that are vulnerable if running firmware versions at or below specified releases:

  • DocuPrint CP Series
    – CP225 w: v01.23.02 and earlier
    – CP228 w: v01.23.02 and earlier
    – CP115 w: v01.09.00 and earlier
    – CP118 w: v01.09.00 and earlier
    – CP116 w: v01.09.00 and earlier
    – CP119 w: v01.09.00 and earlier
  • DocuPrint CM Series
    – CM225 fw: v01.12.02 and earlier
    – CM228 fw: v01.12.02 and earlier
    – CM115 w: v01.09.01 and earlier
    – CM118 w: v01.09.01 and earlier
  • Apeos Printer Series
    – Apeos 2150 N / 2150 NDA / 2150 ND: v01.00.47 and earlier
    – Apeos 2350 NDA: v01.00.47 and earlier

All other FUJIFILM products, as well as desktop or multifunction printers not listed above, are not impacted by this specific vulnerability.

Administrators should verify firmware versions via the device’s web interface or embedded control panel before proceeding with updates.
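For a fleet, the version check can be run over an inventory export. The script below is an added example, not code from FUJIFILM or from this article: it encodes the affected-model list above and compares each device's firmware against it. The CSV layout, host names and status labels are assumptions made for the illustration, and "ok" means only that the version is above the listed affected range.

```python
import csv, io, re

# Highest affected firmware per model, copied from the list in this article.
AFFECTED = {
    "CP225 w": "01.23.02", "CP228 w": "01.23.02",
    "CP115 w": "01.09.00", "CP118 w": "01.09.00",
    "CP116 w": "01.09.00", "CP119 w": "01.09.00",
    "CM225 fw": "01.12.02", "CM228 fw": "01.12.02",
    "CM115 w": "01.09.01", "CM118 w": "01.09.01",
    "2150 N": "01.00.47", "2150 NDA": "01.00.47", "2150 ND": "01.00.47",
    "2350 NDA": "01.00.47",
}
PREFIX = re.compile(r"^(docuprint|apeos|apoes)", re.I)  # accepts both spellings

def norm_model(name):
    """Drop spacing, series prefix and case: 'DocuPrint CP225 w' -> 'cp225w'."""
    return PREFIX.sub("", re.sub(r"\s+", "", name)).lower()

def parse_version(text):
    """'v01.23.02' -> (1, 23, 2); None if the string is not dotted numeric."""
    m = re.fullmatch(r"[vV]?(\d+(?:\.\d+)+)", text.strip())
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

LIMITS = {norm_model(k): parse_version(v) for k, v in AFFECTED.items()}

def triage(model, firmware):
    limit = LIMITS.get(norm_model(model))
    if limit is None:
        return "not-listed"
    ver = parse_version(firmware)
    if ver is None:
        return "check-manually"  # unreadable version: do not assume patched
    return "vulnerable" if ver <= limit else "ok"

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE = """host,model,firmware
prn-01,DocuPrint CP225 w,v01.23.02
prn-02,DocuPrint CM115w,01.09.02
prn-03,Apeos 2350 NDA,V01.00.40
prn-04,DocuPrint CP118 w,unknown
prn-05,Other Vendor X100,v02.00.00
"""

def scan(csv_text):
    return [(r["host"], triage(r["model"], r["firmware"]))
            for r in csv.DictReader(io.StringIO(csv_text))]

if __name__ == "__main__":
    for host, status in scan(SAMPLE):
        print(f"{host}: {status}")
```

Devices reported as "vulnerable" or "check-manually" are the ones to patch or isolate first.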

Mitigations

FUJIFILM strongly recommends that all customers upgrade affected printers to the latest fixed firmware as soon as possible.

Firmware updates are available for download on the official support website. Applying these patches will correct the buffer-length validation logic and prevent memory corruption when processing anomalous packets.

For environments where immediate updates are not feasible, FUJIFILM suggests isolating vulnerable printers behind a trusted network segment or firewall, thereby blocking unsolicited IPP and LPD traffic from untrusted sources.

If a printer does freeze, users must power-cycle the device to restore normal operation.

Acknowledgement is given to the research team—Jia-Ju Bai, Rui-Nan Hu, Dong Zhang, and Zhen-Yu Guan of the School of Cyber Science and Technology, Beihang University—for responsibly disclosing this issue.

FUJIFILM continues to monitor and address security concerns across its product lineup to safeguard organizational printing infrastructure.


Ethan Brooks
Ethan Brooks is a Senior cybersecurity journalist passionate about threat intelligence and data privacy. His work highlights cyber attacks, hacking, security culture, and cybercrime with The Cyber News.
