CP2025-005 Vulnerabilities Remediation for Certain Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

September 25, 2025
Canon Inc.

Description:

Multiple vulnerabilities were found in certain printer drivers for production printers, office/small office multifunction printers, and laser printers. These vulnerabilities may potentially allow out-of-bounds memory access and/or Denial-of-Service (DoS) attacks when printing is processed by a malicious application.

Affected Printer Drivers:

  • Generic Plus PCL6 Printer Driver – V3.30 and earlier
  • Generic Plus UFR II Printer Driver - V3.30 and earlier
  • Generic Plus LIPS4 Printer Driver - V3.30 and earlier
  • Generic Plus LIPSLX Printer Driver - V3.30 and earlier
  • Generic Plus PS Printer Driver - V3.30 and earlier

Remediation:

Printer drivers designed to address the issue are available on the websites of your local Canon sales representatives. We advise that our customers install the latest printer drivers available.

  • Generic Plus PCL6 Printer Driver – V3.31 and higher
  • Generic Plus UFR II Printer Driver - V3.31 and higher
  • Generic Plus LIPS4 Printer Driver - V3.31 and higher
  • Generic Plus LIPSLX Printer Driver - V3.31 and higher
  • Generic Plus PS Printer Driver - V3.31 and higher

CVE/CVSS:

CVE-2025-7698: Out-of-bounds read vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver CVSS v4 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N Base Score: 5.9 CVSS v3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L Base Score: 5.9

CVE-2025-9903: Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver CVSS v4 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N Base Score: 5.9 CVSS v3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L Base Score:5.9

CVE-2025-9904: Unallocated memory access vulnerability in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score: 6.9 CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base Score: 5.3

Thank you to Microsoft Offensive Research and Security Engineering Team (MORSE) for reporting the out-of-bounds read vulnerability (CVE-2025-7698).

GET SUPPORT
Need help with your product? Let us help you find what you need.
Product Support
NEED IT FIRST
Sign up for up-to-the-minute Canon News, Sales and Deals.
LEARN WITH CANON
Discover great new ways to enjoy your products with exclusive articles, training and events.
Learn more