CPA2026-003: Vulnerability Mitigation/Remediation for Production Printers and Office Multifunction Printers

April 23, 2026
Canon Inc.

Description:

Canon U.S.A., Inc. has recently become aware of a vulnerability in the browser-based remote management interface in the Canon Laser Printers and Small Office Multifunctional Printers listed below under “Affected Models”. This vulnerability could potentially be exploited by a third party with administrator privileges to access sensitive information within the product by sending specially crafted requests through the browser-based remote management function.

Affected Products:

(See table at the end of this notice for details on affected models and remediated firmware)

• imageFORCE
• imageRUNNER ADVANCE
• imagePRESS Lite
• imagePRESS
• imageCLASS X

Note: If we determine that additional products are impacted by this vulnerability, we will update this advisory.

Mitigation/Remediation:

Firmware designed to address this issue will be either delivered via automatic updates or made available on Canon USA’s support website. Although no incidents exploiting this vulnerability have been confirmed as of the date of this advisory, we recommend that you apply the countermeasures listed below when using your product.

1. Do not connect the product directly to the Internet. Instead, use it within a secure private network constructed with a firewall appliance, wired router, or Wi Fi router, and ensure that a private IP address is configured.
2. If the product has an initial default password, change it.
3. If the product allows separate administrator and general user IDs/passwords to be configured, set them accordingly.
4. Set passwords and other authentication values to ones that are difficult to predict.
5. If the product provides authentication functions, enable them and manage the users who are permitted to access the product.
6. If the product offers multi-factor authentication, enable this function and manage the users authorized to use the product.
7. Ensure adequate physical security for the product, including its installation environment.

Please refer here for more details on securing products when connecting to a network.

CVE / CVSS:

CVE-2026-1789: A vulnerability in the browser-based remote management interface may allow a third party with administrator privileges to access sensitive information stored on the device by sending specially crafted requests, affecting certain production printers and office/small office multifunction printers. CVSS v4 CVSS 4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score: 6.9. CVSS v3 CVSS 3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score: 4.9

Canon would like to thank the following researchers for identifying this vulnerability:

• CVE-2026-1789: Hengrui Wang and Ranganatha Rao Sridhar working with Praetorian.

Device Models and Remediated Firmware