
A serious security vulnerability has been discovered in several Canon printer drivers, and it’s important for all organizations and users to be aware—especially those using Canon office or production printers.
What Happened?
Microsoft’s Offensive Research and Security Engineering (MORSE) team recently alerted Canon about a critical security flaw, now tracked as CVE-2025-1268, with a severity score of 9.4 out of 10 on the CVSS scale.
This vulnerability affects the Generic Plus PCL6, UFR II, LIPS4, LIPSLX, and PS printer drivers, particularly versions 3.12 and earlier. These drivers are used in various Canon:
- Production printers
- Office multifunction printers
- Laser printers
What’s the Risk?
According to Canon’s advisory, this out-of-bounds vulnerability can be exploited during the print process, potentially:
- Preventing printing operations
- Allowing attackers to run malicious code through specially crafted print jobs
This kind of exploit can be launched using a technique known as BYOVD (Bring Your Own Vulnerable Driver)—a method attackers use to sneak past security by leveraging trusted but flawed drivers.
What Should You Do?
Canon strongly urges users to:
✅ Check the official Canon support website for updated drivers
✅ Install patched versions as soon as they’re available
✅ Avoid using outdated driver versions (v3.12 and below)
✅ Work with your IT team to verify the status of Canon drivers in your environment
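One way to carry out the driver check in the last step, shown as an added example that is not Canon's or Microsoft's tooling: it classifies rows of a driver inventory against the driver families and the 3.12 cutoff named above. The CSV column names, host names and sample rows are constructed assumptions, and any 3.12.x build is treated as affected.

```python
import csv
import io
import re

# Families from the advisory text; both LIPSLX and LIPSXL spellings are accepted.
FAMILIES = ("PCL6", "UFR II", "LIPS4", "LIPSLX", "LIPSXL", "PS")
LAST_AFFECTED = (3, 12)  # "versions 3.12 and earlier"

# Constructed sample inventory; the column names are an assumed export format.
SAMPLE = """\
host,driver_name,version
ws-014,Canon Generic Plus UFR II,3.12
ws-022,Canon Generic Plus PCL6,V3.00
ws-031,Canon Generic Plus PS3,3.20
ws-040,Canon Generic Plus LIPS4,
srv-print01,Microsoft Print To PDF,10.0
"""

def parse_version(text):
    """Return (major, minor) as ints, or None when no dotted version is present."""
    m = re.search(r"(\d+)\.(\d+)", text or "")
    return (int(m.group(1)), int(m.group(2))) if m else None

def is_generic_plus(name):
    """True when the name contains 'Generic Plus' followed by a listed family."""
    m = re.search(r"generic plus\s+(.+)", name or "", re.IGNORECASE)
    return bool(m) and m.group(1).upper().startswith(FAMILIES)

def classify(name, version):
    """Return 'affected', 'ok', 'review' or 'not-in-scope' for one driver."""
    if not is_generic_plus(name):
        return "not-in-scope"
    v = parse_version(version)
    if v is None:
        return "review"  # version missing or unparseable: check the host by hand
    # Integer pairs, so a "V" prefix or a 3.12.0.0 build suffix changes nothing.
    return "affected" if v <= LAST_AFFECTED else "ok"

def triage(csv_text):
    """Classify every row; returns (host, driver_name, version, status) tuples."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return [(r["host"], r["driver_name"], r["version"],
             classify(r["driver_name"], r["version"])) for r in rows]

if __name__ == "__main__":
    for host, name, version, status in triage(SAMPLE):
        if status in ("affected", "review"):
            print(f"{host}: {name} {version or '(no version)'} -> {status}")
```

Rows marked "review" have no usable version string and need a manual check on the host before they can be counted as patched.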
Why It Matters for Your Organization
Printer drivers are often overlooked in cybersecurity strategies, but they run with high system privileges, making them attractive targets for attackers. Vulnerabilities like this can compromise more than just printing—they can become a doorway into your network.
By staying informed and applying patches promptly, your organization can significantly reduce the risk of exploitation.