CVE-2025-1268
Published: 31 March 2025
Summary
CVE-2025-1268 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Canon printer drivers (vendor inferred from references). Its CVSS base score is 9.4 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The CVE is ranked in the top 32.4% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly mandates timely patching and remediation of the out-of-bounds write flaw in vulnerable Canon printer drivers as per vendor advisories.
Provides memory safeguards such as ASLR, DEP, and stack canaries to mitigate exploitation of the out-of-bounds write in EMF Recode processing.
Requires validation of EMF inputs to printer drivers to block malformed data that triggers the out-of-bounds write vulnerability.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a remotely exploitable out-of-bounds write in Canon printer drivers' EMF processing that requires no authentication or user interaction (AV:N/PR:N/UI:N), directly enabling exploitation of the remote print service/spooler subsystem for code execution.
NVD Description
Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / PDF Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver
Deeper analysis
CVE-2025-1268 is an out-of-bounds write vulnerability (CWE-787) in the EMF Recode processing functionality of multiple Canon printer drivers, including the Generic Plus PCL6 Printer Driver, Generic Plus UFR II Printer Driver, Generic Plus LIPS4 Printer Driver, Generic Plus LIPSLX Printer Driver, Generic Plus PS Printer Driver, Generic FAX Printer Driver, UFRII LT Printer Driver, CARPS2 Printer Driver, PDF Driver, LIPS4 Printer Driver, LIPSLX Printer Driver, UFR II Printer Driver, PS Printer Driver, and PCL6 Printer Driver. Published on March 31, 2025, the flaw carries a CVSS v3.1 base score of 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L), indicating critical severity due to its potential for high impact on confidentiality and integrity.
Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation could allow attackers to achieve high-level compromise of confidentiality and integrity, such as unauthorized data access or modification, alongside limited availability disruption on affected systems running the vulnerable printer drivers.
Canon has issued advisories detailing the vulnerability response, including support information and remediation guidance available at https://canon.jp/support/support-info/250328vulnerability-response and https://psirt.canon/advisory-information/cp2025-003/. Additional resources on product security and service notices for printer drivers are provided at https://www.canon-europe.com/support/product-security/ and https://www.usa.canon.com/about-us/to-our-customers/service-notice-vulnerability-remediation-for-certain-printer-drivers-for-production-printers-office-small-office-multifunction-printers-and-laser-printers, recommending users apply available patches or updates.
Details
- CWE(s)