ZDI-26-203 HIGH 8.8 Published Mar 16, 2026

Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Canon

A remote code execution vulnerability (CVE-2025-14231, CVSS 8.8) has been discovered in Canon imageCLASS MF654Cdw printers. The flaw is a heap-based buffer overflow in XML SOAP request parsing, and it allows unauthenticated network-adjacent attackers to execute arbitrary code. Because no authentication is required for exploitation, organizations using these printers should treat this as a high-priority threat. Security teams should immediately inventory affected devices, isolate them from untrusted networks where possible, apply any available patches from Canon, and monitor for suspicious printer access patterns.
