CVE-2025-1268
CRITICALCanon Generic Plus Printer Drivers - Out-of-Bounds Write in EMF Recode Processing
Title source: llmDescription
Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / PDF Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver
References (4)
Core 4
Core References
Various Sources vendor-advisory
https://psirt.canon/advisory-information/cp2025-003/
Various Sources vendor-advisory
https://canon.jp/support/support-info/250328vulnerability-response
Various Sources vendor-advisory
https://www.usa.canon.com/about-us/to-our-customers/service-notice-vulnerability-remediation-for-certain-printer-drivers-for-production-printers-office-small-office-multifunction-printers-and-laser-printers
Various Sources vendor-advisory
https://www.canon-europe.com/support/product-security/
Scores
CVSS v3
9.4
EPSS
0.0076
EPSS Percentile
50.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-787
Status
published
Products (14)
Canon Inc./CARPS2 Printer Driver
31.01 and earlier
Canon Inc./Generic FAX Printer Driver
10.65 and earlier
Canon Inc./Generic Plus LIPS4 Printer Driver
3.12 and earlier
Canon Inc./Generic Plus LIPSLX Printer Driver
3.12 and earlier
Canon Inc./Generic Plus PCL6 Printer Driver
3.12 and earlier
Canon Inc./Generic Plus PS Printer Driver
3.12 and earlier
Canon Inc./Generic Plus UFR II Printer Driver
3.12 and earlier
Canon Inc./LIPS4 Printer Driver
15.00 and earlier
Canon Inc./LIPSLX Printer Driver
15.00 and earlier
Canon Inc./PCL6 Printer Driver
15.00 and earlier
... and 4 more
Published
Mar 31, 2025
Tracked Since
Feb 18, 2026