Critical Vulnerability in Drivers Affects Multiple Canon Printers
The office printer could mete out more than ordinary frustration now that researchers discovered a vulnerability in drivers for Canon printers enabling attackers to execute arbitrary code.
See Also: Future-Proof Your Business: A Comprehensive Guide to Application Modernization and Development for Public and Private Sectors
Canon issued an advisory on Friday detailing a high-severity vulnerability tracked as CVE-2025-1268 in its Generic Plus printer drivers, impacting production printers, small office multifunction printers and laser printers.
The flaw is an out-of-bounds vulnerability in Enhanced Metafile Recode processing, which could allow remote code execution, posing significant security risks to organizations relying on these devices.
An out-of-bounds vulnerability in Enhanced Metafile Recode processing occurs when the software improperly handles memory during image data conversion. This flaw can lead to memory corruption, allowing attackers to overwrite adjacent memory locations.
If exploited, it could enable remote code execution, granting unauthorized control over the affected system. Attackers can craft malicious EMF files that trigger the flaw when processed, potentially leading to system crashes, data leaks, or full device compromise, especially in networked environments.
Microsoft Offensive Research and Security Engineering Team reported the flaw, which received a CVSS severity rating of 9.4. An attacker could remotely execute code.
Mahmoud Rabie, principal solutions consultant at Cyberani by Aramco Digital in a LinkedIn post said that the issue impacts network security, business continuity and compliance.
“Compromised printers can serve as entry points for broader network attacks, putting overall security at risk,” Rabie said. He warned that remote exploitation of the vulnerability could facilitate data leakage, operational disruptions and lateral movement within corporate networks.
Canon said that updated printer drivers addressing the vulnerability will be made available on the websites of local Canon sales representatives.
“Personally speaking, I would always prefer to have my own printer connected to my desktop PC or laptop by USB than have it connected directly to my home WiFi network,” said Tony Moor, a researcher at hardware security firm IOActive. “Keeping a printer isolated from the home or office network reduces the attack surface. Admittedly this is not practical in a workplace where numerous members of a team all need to connect to the same printing device.”