ZDI-26-204 HIGH 8.8 Published Mar 16, 2026

Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability

Canon

CVE-2025-14232 is a remote code execution vulnerability in Canon imageCLASS MF654Cdw printers, rated CVSS 8.8 (High). It is a stack-based buffer overflow in the XPS parser that allows unauthenticated, network-adjacent attackers to execute arbitrary code on the device. Because no authentication is required, an attacker on the same network can easily exploit it to gain complete control of the printer and potentially pivot to connected systems. Security teams should immediately identify and inventory these printers in their environment, isolate them on restricted network segments if possible, apply patches when available from Canon, and monitor network traffic to these devices for suspicious activity.
