CVE-2026-1789

MEDIUM

Canon imagePRESS Series - Info Disclosure

Title source: llm

Description

A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers.

References (4)

[Vendor Advisory] https://canon.jp/support/support-info/260423vulnerability-response

[Vendor Advisory] https://www.usa.canon.com/about-us/to-our-customers/cpa2026-003-vulnerability-mitigation-remediation-for-production-printers-and-office-multifunction-printers

[Vendor Advisory] https://www.canon-europe.com/support/product-security/

[Vendor Advisory] https://psirt.canon/advisory-information/cp2026-003/

Scores

CVSS v3 4.9

EPSS 0.0006

EPSS Percentile 18.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-807

Status published

Products (15)

Canon Inc./i-SENSYS C1533iF II v16.04 or earlier

Canon Inc./i-SENSYS MF842Cdw v16.04 or earlier

Canon Inc./i-SENSYS X C1538 iF II v16.04 or earlier

Canon Inc./imageCLASS X C1538iF II v16.04 or earlier

Canon Inc./imageCLASS X MF1538C II v16.04 or earlier

Canon Inc./imageFORCE Series all version

Canon Inc./imagePRESS Series all version

Canon Inc./imageRUNNER ADVANCE Series all version

Canon Inc./imageRUNNER Series all version

Canon Inc./MF842CDW v16.04 or earlier

... and 5 more

Published Apr 24, 2026

Tracked Since Apr 24, 2026