Update Now: Canon Printer Vulnerability CVE-2025-1268

Canon Marketing Japan Inc. and Canon Inc. have recently released an urgent security update concerning a vulnerability found in specific printer drivers. This vulnerability, known as CVE-2025-1268, impacts a variety of Canon printer models, including production printers, office multifunction devices, and small office multifunction devices.

The flaw was identified in Canon printer drivers, specifically in the Generic Plus series, which encompasses several common drivers used by both home and office users. The issue arises from a buffer overflow in Canon printer drivers when a print job is processed by a specially crafted application. This flaw could potentially allow unauthorized code to execute on affected systems, although the likelihood of it being exploited is considered very low. Canon has underscored that there have been no confirmed instances of this vulnerability being actively abused.

This is a classic out-of-bounds vulnerability, which can result in unintended behavior in software. In this scenario, it could hinder printing functionality or potentially enable attackers to execute arbitrary code on the system.

The affected printer drivers include the Generic Plus PCL6 Printer Driver, Generic Plus UFR II Printer Driver, Generic Plus LIPS4 Printer Driver, Generic Plus LIPSLX Printer Driver, and Generic Plus PS Printer Driver. These drivers are commonly utilized in various Canon printer models, including production printers, office multifunction printers, small office multifunction printers, and laser printers.

The security implications of CVE-2025-1268 are significant, as malicious actors could potentially exploit the vulnerability by using a crafted application that interacts with the vulnerable Canon printer drivers. The severity of this issue, according to the CVSS (Common Vulnerability Scoring System), is rated at 9.4 on a scale of 0 to 10, categorizing it as critical. The CVSS 3.1 score for this vulnerability indicates a high impact on confidentiality and integrity with a low requirement for user interaction, making it a relatively straightforward vulnerability for attackers to exploit under the right circumstances.

Canon has advised users to update the affected printer drivers to the latest available versions to mitigate potential risks. These updates, containing fixes for the Canon printer vulnerability, can be obtained from the official Canon websites or through local Canon sales representatives.
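For administrators checking Windows hosts against the driver list above, the following PowerShell inventory is an added example and is not taken from Canon's advisory. It assumes the installed drivers are registered under names containing "Generic Plus" followed by one of the variants named in this article; the versions it reports are meant to be compared with the fixed versions Canon publishes.

```powershell
# Added example: list installed Canon Generic Plus drivers, their versions,
# and how many print queues still use each one.
# Assumption: driver names contain "Generic Plus <variant>" (names vary by package).
$variants = 'PCL6', 'UFR II', 'LIPS4', 'LIPSLX', 'PS'
$pattern  = 'Generic Plus\s+(' + (($variants | ForEach-Object { [regex]::Escape($_) }) -join '|') + ')'

function Convert-DriverVersion {
    # Get-PrinterDriver exposes DriverVersion as a single 64-bit integer that
    # packs four 16-bit fields (major.minor.build.revision).
    param([uint64]$Raw)
    $bytes = [BitConverter]::GetBytes($Raw)   # little-endian: revision first
    (6, 4, 2, 0 | ForEach-Object { [BitConverter]::ToUInt16($bytes, $_) }) -join '.'
}

# Count print queues per driver so unused drivers can be told apart from active ones.
$queueCount = @{}
Get-Printer | Group-Object DriverName | ForEach-Object { $queueCount[$_.Name] = $_.Count }

$report = foreach ($driver in Get-PrinterDriver) {
    if ($driver.Name -notmatch $pattern) { continue }
    [pscustomobject]@{
        Driver      = $driver.Name
        Variant     = $Matches[1]
        Version     = Convert-DriverVersion $driver.DriverVersion
        Environment = $driver.PrinterEnvironment
        Queues      = [int]$queueCount[$driver.Name]   # 0 when no queue uses it
    }
}

if ($report) {
    $report | Sort-Object Driver | Format-Table -AutoSize
} else {
    Write-Output 'No Canon Generic Plus drivers found on this host.'
}
```

A driver with zero queues is still installed and can be removed or updated like any other.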

The discovery of this vulnerability underscores the crucial role of security researchers, like Robert Ord and the Microsoft Offensive Research and Security Engineering (MORSE) Team, in identifying and mitigating potential risks in connected devices such as printers. While the immediate risk may be low, the discovery highlights the importance of regularly updating Canon printer drivers to uphold network security.

In conclusion, maintaining vigilance and promptly addressing vulnerabilities in printer drivers is essential to safeguarding systems from potential exploitation. Regular updates and proactive security measures can help mitigate risks and enhance overall cybersecurity posture.
