Gandalf_The_Grey
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,773
According to an advisory published last week by Canon, drivers associated with several production printers, office multifunction printers, and laser printers are affected by an out-of-bounds vulnerability.
The security hole is tracked as CVE-2025-1268 and it has a CVSS severity score of 9.4. The flaw impacts the EMF recode processing of Generic Plus PCL6, UFR II, LIPS4, LIPSXL, and PS printer drivers, specifically versions 3.12 and earlier.
Canon told users that exploitation of the vulnerability can allow an attacker to prevent printing or potentially execute arbitrary code “when the print is processed by a malicious application”.
Microsoft’s Offensive Research and Security Engineering (MORSE) team has been credited for responsibly disclosing the vulnerability.
Users have been advised to check Canon websites for patched versions of the vulnerable printer drivers.

Critical Vulnerability Found in Canon Printer Drivers
Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers.