Microsoft Uncovers Critical Flaw in Canon Printer Drivers

TL;DR

Microsoft’s Offensive Research and Security Engineering (MORSE) team identified a critical vulnerability in Canon printer drivers, posing significant security risks. The flaw, tracked as CVE-2025-1268, affects various Canon printer models and could allow attackers to execute arbitrary code or prevent printing. Canon is urging users to update their printer drivers to mitigate these risks.

Microsoft Uncovers Critical Flaw in Canon Printer Drivers

Researchers at Microsoft’s Offensive Research and Security Engineering (MORSE) team have discovered a critical code execution vulnerability in Canon printer drivers. This vulnerability, tracked as CVE-2025-1268 with a CVSS score of 9.4, affects a wide range of Canon printer models, including production printers, office/small office multifunction printers, and laser printers.

Vulnerability Details

The vulnerability is an out-of-bounds issue affecting the EMF recode processing in several Canon printer drivers, including:

• Generic Plus PCL6
• UFR II
• LIPS4
• LIPSXL
• PS printer drivers

An attacker exploiting this flaw could prevent printing and potentially execute arbitrary code under certain conditions.

Canon’s Advisory

Canon has issued an advisory acknowledging the vulnerability:

“An out-of-bounds vulnerability was found in certain printer drivers for production printers, office/small office multifunction printers, and laser printers that may prevent printing and/or potentially be able to execute arbitrary code when the print is processed by a malicious application.” ¹

Mitigation Steps

Canon is addressing the issue by uploading fixed printer drivers to local sales websites. Users are advised to install the latest versions to mitigate the risk. Additionally, Canon has addressed other vulnerabilities that could allow remote code execution or Denial-of-Service (DoS) attacks against its printers.

Additional Vulnerabilities

Canon has also identified multiple buffer overflow vulnerabilities in its Laser Printers and Small Office Multifunctional Printers:

“If the product is connected directly to the Internet without using a wired or Wi-Fi router, a third party could potentially execute arbitrary code or the product could be subjected to a Denial-of-Service (DoS) attack.” ²

Stay Updated

For the latest updates and security advisories, follow:

• @securityaffairs on Twitter
• Security Affairs on Facebook
• Security Affairs on Mastodon

Conclusion

The discovery of this critical vulnerability underscores the importance of keeping printer drivers up-to-date. Users are strongly advised to update their Canon printer drivers to the latest versions to protect against potential security threats.

For more details, visit the full article: source

References

1. Canon (2025). “Canon Product Advisories”. Canon. Retrieved 2025-04-01. ↩︎

2. Canon U.S.A., Inc. (2025). “Service Notice Regarding Vulnerability Measure Against Buffer Overflow for Laser Printers and Small Office Multifunctional Printers”. Canon U.S.A., Inc. Retrieved 2025-04-01. ↩︎