Canon Printers at Risk: Critical Security Flaws in Drivers and Firmware Exposed


Canon has issued a warning about security vulnerabilities in printer drivers. These flaws could allow attackers to inject and execute malicious code, putting users at significant risk.

What’s the Issue?

A critical security vulnerability exists in Canon printer drivers, potentially allowing attackers to inject and execute malicious code. Furthermore, security flaws in the firmware of some printers can also allow attackers to inject code onto the affected devices.

In the corresponding security advisory, Canon warns of the security flaw in its printer drivers: “Out-of-bounds vulnerability was found in certain printer drivers for production printers, office/small office multifunction printers and laser printers that may prevent printing and/or potentially be able to execute arbitrary code when the print is processed by a malicious application.” Canon describes the vulnerability somewhat vaguely.

Problem: Memory access outside of intended limits

This error can occur when the printer driver processes EMF files. EMF (“enhanced metafile”) files are an extended form of WMF files, enhanced for high-end printing (CVE-2025-1268, CVSS 9.4, risk “critical”).

Canon hasn’t disclosed the exact nature of the security vulnerability or how administrators can detect abuse or attempted exploitation. The affected printer drivers are “Generic Plus” PCL6, UFR II, LIPS4, LIPSLX, and PS up to and including version 3.12. The new printer drivers are said to be available for download on Canon’s local websites.
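Since the advisory names the affected driver families and a version ceiling but no detection guidance, the practical first step on a Windows print server or client is an inventory of installed Canon drivers. The script below is an added example, not Canon’s code; it assumes the installed driver names contain “Generic Plus” and that the packed DriverVersion reported by Get-PrinterDriver carries Canon’s “3.12”-style version in its first two 16-bit fields.

```powershell
# Added example (not from the Canon advisory): list locally installed Canon
# "Generic Plus" drivers and flag any whose version is <= 3.12, the range the
# advisory gives for CVE-2025-1268. Requires the PrintManagement module.
# Assumption: Get-PrinterDriver.DriverVersion packs major.minor.build.revision
# into four 16-bit fields, and Canon's major.minor matches the advisory's "3.12".

function ConvertFrom-PackedDriverVersion {
    param([uint64]$Packed)
    # Unpack the four 16-bit fields of the 64-bit driver version value.
    [version]::new(
        ($Packed -shr 48) -band 0xFFFF,
        ($Packed -shr 32) -band 0xFFFF,
        ($Packed -shr 16) -band 0xFFFF,
        $Packed -band 0xFFFF)
}

function Test-CanonDriverAffected {
    param([version]$Version)
    # The advisory says "up to and including version 3.12": compare only
    # major.minor so that 3.12.0.0 is still treated as affected.
    return ($Version.Major -lt 3) -or ($Version.Major -eq 3 -and $Version.Minor -le 12)
}

Get-PrinterDriver | Where-Object { $_.Name -like '*Generic Plus*' } | ForEach-Object {
    $ver = ConvertFrom-PackedDriverVersion -Packed $_.DriverVersion
    [pscustomobject]@{
        Driver      = $_.Name
        Environment = $_.PrinterEnvironment
        Version     = $ver.ToString()
        Status      = if (Test-CanonDriverAffected $ver) { 'UPDATE REQUIRED (<= 3.12)' } else { 'OK' }
    }
} | Format-Table -AutoSize
```

Run it in an elevated PowerShell session; add `-ComputerName` to `Get-PrinterDriver` to check a remote print server, and treat any row marked UPDATE REQUIRED as a candidate for the driver download from Canon’s local site.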

Canon Firmware Vulnerabilities: Another Layer of Risk

Security vulnerabilities in the firmware of some Canon laser printers and small office multifunction printers have so far remained under the radar. A security advisory was issued at the end of February, in which the developers warned of a buffer overflow in the firmware. If the printers are directly connected to the internet via a wired or wireless router, attackers could potentially remotely inject and execute malicious code or launch a denial-of-service attack. Canon lists three CVE numbers for the vulnerabilities: CVE-2024-12647, CVE-2024-12648, and CVE-2024-12649. The Japanese CERT has assessed the risk as “critical” with a CVSS score of 9.8.

Affected printers are the Imageclass MF series MF455DW, MF453DW, MF452DW, MF451DW, MF656CDW, MF654CDW, MF653CDW, MF652CW, MF1238 II, MF1643iF II, and MF1643i II. Also affected are the Imageclass LBP LBP237DW, LBP236DW, LBP632CDW, LBP633CDW, and LBP1238 II printers.

How to Update

If your Canon printer has a touchscreen panel:

  1. Tap “Update Firmware” on the home screen
  2. Agree to the license window to begin the update

If your printer has a black-and-white display:

  1. Go to Menu > Management Settings > Remote UI Settings/Update Firmware
  2. Choose “Via Internet”, then confirm the license window

The latest firmware patches eliminate these critical flaws, and Canon strongly urges users to update immediately.

Canon’s Official Advisory

For full technical details, visit Canon’s official security page:
🔗 https://psirt.canon/advisory-information/cp2025-003