CPE2026-002: Vulnerability Remediation for IJ Scan Utility for Windows | Canon U.S.A., Inc.

CPE2026-002: Vulnerability Remediation for IJ Scan Utility for Windows

February 24, 2026

Canon U.S.A., Inc. has recently become aware of a potential security vulnerability involving the IJ Scan Utility for Windows. This potential vulnerability may occur because the executable path of a Windows service is not enclosed in quotation marks. If the file path contains spaces, a local attacker could exploit this condition by leveraging a path with spaces, potentially allowing a malicious file to be executed with the privileges of the affected service.

CVE/CVSS
CVE-2026-1585: An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows may allow a local attacker to execute a malicious file with the privileges of the affected service. CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score: 8.4.

Affected Software:
IJ Scan Utility for Windows – Version 1.1.2 through 1.5.0

Remediation:
Canon has released updated drivers to address this potential vulnerability on our Canon USA website. We recommend that our customers install the latest MP Driver and confirm that the following software version is installed: IJ Scan Utility for Windows – Version 1.6.0 and higher

Credits:
Canon acknowledges Enival Chen for reporting this potential vulnerability.

Thank you,
Customer Support
Canon U.S.A., Inc.

Get personalized support via Canon Account. Access your account, or create a new account, click here to get started.

(function(w){ "use strict"; //Check to make sure custom parameters exist if(typeof w.mcxSiteInterceptParameters === 'undefined') { //Backward compatibility (for customers who have <v1.3) if(typeof w.allegianceSiteInterceptParameters !== 'undefined') { w.mcxSiteInterceptParameters = w.allegianceSiteInterceptParameters; console.warn("The parameters variable (allegianceSiteInterceptParameters) needs to be renamed to mcxSiteInterceptParameters inside of the client extensibility. allegianceSiteInterceptParameters may be deprecated in future versions."); } else { console.warn("mcxSiteInterceptParameters undefined, ensure that it is defined in client extensibility and that the site intercept script is loaded in after the client extensibility script. Default parameters used."); w.mcxSiteInterceptParameters = ""; } } var isArray = function() { return w.mcxSiteInterceptParameters && w.mcxSiteInterceptParameters.constructor === Array && w.mcxSiteInterceptParameters.length > 0; }; if(isArray()) { var MCX_DEFAULT = 'MCX_DEFAULT'; var mcxUniqueID = w.mcxUniqueID || MCX_DEFAULT; //Check over each item to see if a uniqueID matches for(var i = 0; i < w.mcxSiteInterceptParameters.length; i++) { if(w.mcxSiteInterceptParameters[i].uniqueID && mcxUniqueID == w.mcxSiteInterceptParameters[i].uniqueID) { w.mcxSiteInterceptParameters = w.mcxSiteInterceptParameters[i]; } } //If no matches were found, attempt to assign default if(isArray()) { for(var j = 0; j < w.mcxSiteInterceptParameters.length; j++) { if(w.mcxSiteInterceptParameters[j].uniqueID && MCX_DEFAULT == w.mcxSiteInterceptParameters[j].uniqueID) { w.mcxSiteInterceptParameters = w.mcxSiteInterceptParameters[j]; } } //If no default was assigned, use the first item if(isArray()) { w.mcxSiteInterceptParameters = w.mcxSiteInterceptParameters[0]; } } } var mcxPresetParam = w.mcxSiteInterceptParameters; w.McxSiteInterceptOnExit = { //Parameters used for customizing script parameters: { //Defaults surveyURL: typeof mcxPresetParam.surveyURL === 'string' ? mcxPresetParam.surveyURL : "", showOnLoad: typeof mcxPresetParam.showOnLoad === 'boolean' ? false : false, invitationID: typeof mcxPresetParam.invitationID === 'string' ? mcxPresetParam.invitationID : "", probability: typeof mcxPresetParam.probability === 'number' ? mcxPresetParam.probability : 100, //0 - 100% width: typeof mcxPresetParam.width === 'number' ? mcxPresetParam.width : 550, //px height: typeof mcxPresetParam.height === 'number' ? mcxPresetParam.height : 520, //px cookieID: typeof mcxPresetParam.cookieID === 'string' ? mcxPresetParam.cookieID : "", expireDaysIfYes: typeof mcxPresetParam.expireDaysIfYes === 'number' ? mcxPresetParam.expireDaysIfYes : 30, //days expireDaysIfNo: typeof mcxPresetParam.expireDaysIfNo === 'number' ? mcxPresetParam.expireDaysIfNo : 30, //days delay: typeof mcxPresetParam.delay === 'number' ? mcxPresetParam.delay : 0, //ms waitUntilClose: typeof mcxPresetParam.waitUntilClose === 'boolean' ? mcxPresetParam.waitUntilClose : false, placeholderURL: typeof mcxPresetParam.placeholderURL === 'string' ? mcxPresetParam.placeholderURL : "", showInline: typeof mcxPresetParam.showInline === 'boolean' ? mcxPresetParam.showInline : false, inlineID: typeof mcxPresetParam.inlineID === 'string' ? mcxPresetParam.inlineID : "mcxSurveyDialog", inlineWrapperID: typeof mcxPresetParam.inlineWrapperID === 'string' ? mcxPresetParam.inlineWrapperID : "mcxSurveyWrapper", inlineCloseID: typeof mcxPresetParam.inlineCloseID === 'string' ? mcxPresetParam.inlineCloseID : "mcxSurveyClose", cleanseCookie: typeof mcxPresetParam.cleanseCookie === 'boolean' ? mcxPresetParam.cleanseCookie : false, debug: typeof mcxPresetParam.debug === 'boolean' ? mcxPresetParam.debug : false, ignoreWarning: typeof mcxPresetParam.ignoreWarning === 'boolean' ? mcxPresetParam.ignoreWarning : false, enabled: typeof mcxPresetParam.enabled === 'boolean' ? mcxPresetParam.enabled : true, pageVisit: typeof mcxPresetParam.pageVisit === 'number' ? mcxPresetParam.pageVisit : 4, mcxBlackList: typeof mcxPresetParam.mcxBlackList === 'object' ? mcxPresetParam.mcxBlackList : [], domainPath: typeof mcxPresetParam.domainPath === 'string' ? mcxPresetParam.domainPath : "" }, takeSurvey: false, //Script-level variable, leave false. surveyWindow: undefined, //Survey window, leave undefined. surveyURLParams: undefined, cachedHTML: undefined, //Called when the page is loaded. Executes logic to determine whether to show the invitation or not. onPageLoad: function () { w.mcxLog('onPageLoad'); w.McxSiteInterceptOnExit.cookieVisitCount(); if(w.McxSiteInterceptOnExit.parameters.uniqueID) { w.mcxLog('uniqueID: ' + w.McxSiteInterceptOnExit.parameters.uniqueID); } w.McxSiteInterceptOnExit.surveyURLParams = sessionStorage["mcx.surveyURLParams"]; if (!w.McxSiteInterceptOnExit.surveyURLParams) { sessionStorage["mcx.surveyURLParams"] = '[{}]'; } var rand = Math.floor(Math.random() * 100); if(w.McxSiteInterceptOnExit.parameters.probability < 1 && w.McxSiteInterceptOnExit.parameters.probability > 0) { var decimal = w.McxSiteInterceptOnExit.parameters.probability; w.McxSiteInterceptOnExit.parameters.probability = Math.floor(w.McxSiteInterceptOnExit.parameters.probability * 100); w.mcxWarn('mcxSiteIntercept warning: The script detected a probability between 0 and 1. Probability should be a whole number between 0 and 100. The script has converted it to a whole number: ' + decimal + ' -> ' + w.McxSiteInterceptOnExit.parameters.probability); } if(w.McxSiteInterceptOnExit.parameters.probability <= 0) { w.mcxWarn('mcxSiteIntercept warning: Probability it set to ' + w.McxSiteInterceptOnExit.parameters.probability + '. It must be greater than 0 to have any chance of displaying the survey.'); } //Check if random number is less than probability (less than means probability met) and that survey is enabled if (rand < w.McxSiteInterceptOnExit.parameters.probability && w.McxSiteInterceptOnExit.parameters.enabled && parseInt(w.McxSiteInterceptOnExit.RgetCookie('McxPageVisit')) >= w.McxSiteInterceptOnExit.parameters.pageVisit && w.McxSiteInterceptOnExit.McxBlackList() === false){ //If no cookie exists, and showOnLoad is true, display the survey modal if (!w.McxSiteInterceptOnExit.hasCookie() && w.McxSiteInterceptOnExit.parameters.showOnLoad) { if(w.McxSiteInterceptOnExit.parameters.invitationID.length > 0) { w.McxSiteInterceptOnExit.showModal(); } else { w.mcxLog('delay ' + w.McxSiteInterceptOnExit.parameters.delay + ' ...'); w.setTimeout(function () { w.mcxLog('... delay '); w.McxSiteInterceptOnExit.popUp(); }, w.McxSiteInterceptOnExit.parameters.delay); } } } else { if(!w.McxSiteInterceptOnExit.parameters.enabled) { w.mcxLog('Survey is disabled'); } else { w.mcxLog('Probability fail. Chance to succeed: ' + w.McxSiteInterceptOnExit.parameters.probability + '%'); } } }, //Page visit count cookieVisitCount: function(){ if(w.McxSiteInterceptOnExit.RgetCookie('McxPageVisit') == "" ){ document.cookie="McxPageVisit= 1; path=/; domain="+(w.McxSiteInterceptOnExit.parameters.domainPath)+";"; } else { var pageVisit = parseInt(w.McxSiteInterceptOnExit.RgetCookie('McxPageVisit')); document.cookie="McxPageVisit=" +(pageVisit + 1)+ "; path=/; domain="+(w.McxSiteInterceptOnExit.parameters.domainPath)+";"; } }, RgetCookie: function(cname) { var name = cname + "="; var ca = document.cookie.split(';'); for(var i=0; i<ca.length; i++) { var c = ca[i]; while (c.charAt(0)==' ') c = c.substring(1); if (c.indexOf(name) == 0) return c.substring(name.length,c.length); } return ""; }, McxBlackList: function(){ var checkArray = w.McxSiteInterceptOnExit.parameters.mcxBlackList; var aL = checkArray.length; var curUrl = window.location.href; for (var i = 0; i < aL; i++){ var testEx = RegExp(checkArray[i]); var finalCheck = testEx.test(curUrl); if (finalCheck){ return true; } } return false; }, //Function to add a parameter to URL addUrlParameter: function (value, name) { w.mcxLog('Added URL parameter: [' + value + ', ' + name + ']'); w.McxSiteInterceptOnExit.surveyURLParams = sessionStorage["mcx.surveyURLParams"]; var object = JSON.parse(w.McxSiteInterceptOnExit.surveyURLParams); object[0][value] = name; sessionStorage["mcx.surveyURLParams"] = JSON.stringify(object); w.McxSiteInterceptOnExit.surveyURLParams = sessionStorage["mcx.surveyURLParams"]; }, //Function to remove a parameter from URL removeUrlParameter: function (value) { w.mcxLog('Removed URL parameter: [' + value + ']'); var object = JSON.parse(w.McxSiteInterceptOnExit.surveyURLParams); delete object[0][value]; sessionStorage["mcx.surveyURLParams"] = JSON.stringify(object); w.McxSiteInterceptOnExit.surveyURLParams = sessionStorage["mcx.surveyURLParams"]; }, //Converts the URL parameters to a query string that will get appended to the survey URL urlParametersToQueryString: function() { w.mcxLog('urlParametersToQueryString ...'); if(w.McxSiteInterceptOnExit.surveyURLParams) { var parameters = JSON.parse(w.McxSiteInterceptOnExit.surveyURLParams)[0]; var queryString = []; for(var property in parameters) { if(parameters.hasOwnProperty(property)) { queryString.push(property + "=" + parameters[property]); } } w.mcxLog('... urlParametersToQueryString '); return "&" + queryString.join('&'); } else { return ""; } }, //Creates a cookie with the given parameters createCookie: function (name, value, days) { w.mcxLog('createCookie: [' + name + ', ' + value + ', ' + days + ']'); var date = new Date(); date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000)); w.docCookies.setItem(name, value, date); }, hasCookie: function() { var hasCookie = w.docCookies.hasItem('mcxSurveyQuarantine' + w.McxSiteInterceptOnExit.parameters.cookieID, w.McxSiteInterceptOnExit.parameters.cleanseCookie); w.mcxLog('hasCookie: ' + 'mcxSurveyQuarantine' + w.McxSiteInterceptOnExit.parameters.cookieID + ': ' + hasCookie); return hasCookie; }, //Called when page is closed or domain is changed. onPageClose: function () { w.mcxLog('onPageClose'); if(w.McxSiteInterceptOnExit.parameters.enabled) { //w.McxSiteInterceptOnExit.addUrlParameter("mcxReferrerURL", encodeURIComponent(w.location.href)); if (w.McxSiteInterceptOnExit.takeSurvey && w.McxSiteInterceptOnExit.surveyWindow && w.McxSiteInterceptOnExit.surveyWindow.opener && !w.McxSiteInterceptOnExit.surveyWindow.opener.closed) { w.McxSiteInterceptOnExit.surveyWindow.location = (w.McxSiteInterceptOnExit.parameters.surveyURL + w.McxSiteInterceptOnExit.urlParametersToQueryString()); } else { return; } } }, //Brings up the survey popUp: function () { w.mcxLog('popUp'); var rand = Math.floor(Math.random() * 100); if (!w.McxSiteInterceptOnExit.hasCookie() && w.McxSiteInterceptOnExit.parameters.enabled && rand < w.McxSiteInterceptOnExit.parameters.probability) { var strWindowFeatures = "menubar=0,location=yes,resizable=yes,scrollbars=yes,toolbar=0,status=yes,modal=yes,width=" + w.McxSiteInterceptOnExit.parameters.width + ",height=" + w.McxSiteInterceptOnExit.parameters.height; w.McxSiteInterceptOnExit.takeSurvey = true; w.McxSiteInterceptOnExit.createCookie( ('mcxSurveyQuarantine' + w.McxSiteInterceptOnExit.parameters.cookieID), ('mcxSurveyQuarantine' + w.McxSiteInterceptOnExit.parameters.cookieID), w.McxSiteInterceptOnExit.parameters.expireDaysIfYes); var inv = document.getElementById(w.McxSiteInterceptOnExit.parameters.invitationID); if(inv) { inv.style.display = 'none'; } if(w.McxSiteInterceptOnExit.parameters.waitUntilClose) { //Opens window and shows placeholderURL w.McxSiteInterceptOnExit.surveyWindow = w.open(w.McxSiteInterceptOnExit.parameters.placeholderURL, "_blank", strWindowFeatures); //w.McxSiteInterceptOnExit.surveyWindow.blur(); //window.global.focus(); } else { //Logic for showing survey on the page rather than a separate window if(w.McxSiteInterceptOnExit.parameters.showInline) { var elem = document.getElementById(w.McxSiteInterceptOnExit.parameters.inlineID); //Make sure elem exists on page, otherwise create a DIV with inlineID if(!elem) { elem = document.createElement('div'); elem.setAttribute("id", w.McxSiteInterceptOnExit.parameters.inlineID); document.body.appendChild(elem); } //Preserve existing HTML if(typeof w.McxSiteInterceptOnExit.cachedHTML === 'undefined') { w.McxSiteInterceptOnExit.cachedHTML = elem.innerHTML; } //Inject additional required HTML and survey elem.innerHTML = w.McxSiteInterceptOnExit.cachedHTML + '<div id="' + w.McxSiteInterceptOnExit.parameters.inlineWrapperID + '">' + '<div id="' + w.McxSiteInterceptOnExit.parameters.inlineCloseID + '"></div>' + '<iframe frameborder="0" src="' + (w.McxSiteInterceptOnExit.parameters.surveyURL + w.McxSiteInterceptOnExit.urlParametersToQueryString()) + '" width="' + w.McxSiteInterceptOnExit.parameters.width + '" height="' + w.McxSiteInterceptOnExit.parameters.height + '"></iframe></div>'; elem.style.display = 'block'; //Event listener for closing the dialog var el = document.getElementById(w.McxSiteInterceptOnExit.parameters.inlineCloseID); if (el.addEventListener) { el.addEventListener("click", w.McxSiteInterceptOnExit.closeSurveyModal, false); } else { el.attachEvent("onclick", w.McxSiteInterceptOnExit.closeSurveyModal); } } else { //Shows survey right away (if both waitUntilClose and showInline are false) w.McxSiteInterceptOnExit.surveyWindow = w.open((w.McxSiteInterceptOnExit.parameters.surveyURL + w.McxSiteInterceptOnExit.urlParametersToQueryString()), "_blank", strWindowFeatures); } } w.focus(); } }, //Hides modal closeSurveyModal: function() { w.mcxLog('closeSurveyModal'); document.getElementById(w.McxSiteInterceptOnExit.parameters.inlineID).style.display = 'none'; }, //Accepts the invitation. acceptSurvey:function() { w.mcxLog('acceptSurvey'); var curUrl = window.location.href; w.McxSiteInterceptOnExit.addUrlParameter('ref_url', curUrl); w.McxSiteInterceptOnExit.popUp(); }, //Creates a quarantine cookie and hides the invitation. declineSurvey: function () { w.mcxLog('declineSurvey'); w.McxSiteInterceptOnExit.createCookie( ('mcxSurveyQuarantine' + w.McxSiteInterceptOnExit.parameters.cookieID), ('mcxSurveyQuarantine' + w.McxSiteInterceptOnExit.parameters.cookieID), w.McxSiteInterceptOnExit.parameters.expireDaysIfNo); document.getElementById(w.McxSiteInterceptOnExit.parameters.invitationID).style.display = 'none'; }, //Shows the invitation showModal: function (delay) { w.mcxLog('showModal ...'); if(w.McxSiteInterceptOnExit.parameters.enabled) { if(!delay) { delay = w.McxSiteInterceptOnExit.parameters.delay; } w.setTimeout(function () { w.mcxLog('... showModal'); var invitation = document.getElementById(w.McxSiteInterceptOnExit.parameters.invitationID); if(invitation) { invitation.style.display = 'block'; } }, delay); } }, addOnLoadEvent: function (func) { var oldonload = w.onload; if (typeof w.onload != 'function') { w.onload = func; } else { w.onload = function () { if (oldonload) { oldonload(); } func(); }; } }, addBeforeUnLoadEvent: function (func) { var oldonload = w.onbeforeunload; if (typeof w.onbeforeunload != 'function') { w.onbeforeunload = func; } else { w.onbeforeunload = function () { if (oldonload) { oldonload(); } func(); }; } }, addOnUnLoadEvent: function (func) { var oldonload = w.onunload; if (typeof w.onunload != 'function') { w.onunload = func; } else { w.onunload = function () { if (oldonload) { oldonload(); } func(); }; } } }; w.docCookies = { getBrowser: function () { // Opera 8.0+ var isOpera = (!!window.opr && !!opr.addons) || !!window.opera || navigator.userAgent.indexOf(' OPR/') >= 0; // Firefox 1.0+ var isFirefox = typeof InstallTrigger !== 'undefined'; // Safari 3.0+ "[object HTMLElementConstructor]" var isSafari = /constructor/i.test(window.HTMLElement) || (function (p) { return p.toString() === "[object SafariRemoteNotification]"; })(!window['safari'] || (typeof safari !== 'undefined' && safari.pushNotification)); // Internet Explorer 6-11 var isIE = /*@cc_on!@*/false || !!document.documentMode; // Edge 20+ var isEdge = !isIE && !!window.StyleMedia; // Chrome 1+ var isChrome = !!window.chrome && !!window.chrome.webstore; return { isOpera: isOpera, isFirefox: isFirefox, isSafari: isSafari, isIE: isIE, isEdge: isEdge, isChrome: isChrome } }, getItem: function (sKey) { if (!sKey) { return null; } return decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*" + encodeURIComponent(sKey).replace(/[\-\.\+\*]/g, "\\$&") + "\\s*\\=\\s*([^;]*).*$)|^.*$"), "$1")) || null; }, setItem: function (sKey, sValue, vEnd, sPath, sDomain, bSecure) { if (!sKey || /^(?:expires|max\-age|path|domain|secure)$/i.test(sKey)) { return false; } var sExpires = ""; if (vEnd) { switch (vEnd.constructor) { case Number: sExpires = vEnd === Infinity ? "; expires=Fri, 31 Dec 9999 23:59:59 GMT" : "; max-age=" + vEnd; break; case String: sExpires = "; expires=" + vEnd; break; case Date: sExpires = "; expires=" + vEnd.toUTCString(); break; } } var browser = this.getBrowser(); if (browser.isIE || browser.isEdge || !McxSiteInterceptOnExit.parameters.domainPath) { w.mcxLog('Building cookie without domain. IE: ' + browser.isIE + '; Edge: ' + browser.isEdge + '; domainPath: not used(IE)', true); document.cookie = encodeURIComponent(sKey) + "=" + encodeURIComponent(sValue) + sExpires + "; path=/"; } else { w.mcxLog('Building cookie with domain. domainPath: ' + McxSiteInterceptOnExit.parameters.domainPath, true); document.cookie = encodeURIComponent(sKey) + "=" + encodeURIComponent(sValue) + sExpires + "; domain=" + McxSiteInterceptOnExit.parameters.domainPath + "; path=/"; } return true; }, removeItem: function (sKey) { if (!this.hasItem(sKey)) { return false; } document.cookie = encodeURIComponent(sKey) + "=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=" + McxSiteInterceptOnExit.parameters.domainPath + "; path=/"; return true; }, hasItem: function (sKey, cleanseCookie) { if (!sKey) { return false; } if (cleanseCookie === true) { this.removeItem(sKey); } return (new RegExp("(?:^|;\\s*)" + encodeURIComponent(sKey).replace(/[\-\.\+\*]/g, "\\$&") + "\\s*\\=")).test(document.cookie); }, keys: function () { var aKeys = document.cookie.replace(/((?:^|\s*;)[^\=]+)(?=;|$)|^\s*|\s*(?:\=[^;]*)?(?:\1|$)/g, "").split(/\s*(?:\=[^;]*)?;\s*/); for (var nLen = aKeys.length, nIdx = 0; nIdx < nLen; nIdx++) { aKeys[nIdx] = decodeURIComponent(aKeys[nIdx]); } return aKeys; } }; w.mcxWarn = function(warning, ignorePrefix) { var consoleWarn = typeof console !== "undefined" && console.warn && w.McxSiteInterceptOnExit.parameters.ignoreWarning === false; if(consoleWarn) { var prefix = ignorePrefix ? '' : 'mcxSiteIntercept: '; console.warn(prefix + warning); } }; w.mcxLog = function(log, ignorePrefix) { var consoleLog = typeof console !== "undefined" && console.log && w.McxSiteInterceptOnExit.parameters.debug === true; if(consoleLog) { var prefix = ignorePrefix ? '' : 'mcxSiteIntercept: '; console.log(prefix + log); } }; w.AllegianceSiteInterceptOnExit = w.McxSiteInterceptOnExit; //Backward compatibility (for customers who have <v1.3) w.McxSiteInterceptOnExit.addOnUnLoadEvent(w.McxSiteInterceptOnExit.onPageClose); //ensures that other events are retained w.McxSiteInterceptOnExit.addBeforeUnLoadEvent(w.McxSiteInterceptOnExit.onPageClose); //ensures that other events are retained w.McxSiteInterceptOnExit.addOnLoadEvent(w.McxSiteInterceptOnExit.onPageLoad); //ensures that other events are retained w.mcxLog("script loaded"); }(this));

GET SUPPORT

Need help with your product? Let us help you find what you need.

Product Support

NEED IT FIRST

Sign up for up-to-the-minute Canon News, Sales and Deals.

LEARN WITH CANON

Discover great new ways to enjoy your products with exclusive articles, training and events.

Learn more