/Contact-Support/Product-Advisories/2025-APR-3-PrintDriverVulnerabilityRemediation.html

Service Notice: Vulnerability Remediation for Certain Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

 

Description:

Out-of-bounds vulnerability was found in certain printer drivers for production printers, office/small office multifunction printers and laser printers that may prevent printing and/or potentially be able to execute arbitrary code when the print is processed by a malicious application.

 

Affected Printer Drivers:

  • Generic Plus PCL6 Printer Driver – V3.12 and earlier
  • Generic Plus LIPS4 Printer Driver – V3.12 and earlier
  • Generic Plus LIPSLX Printer Driver – V3.12 and earlier
  • Generic Plus PS Printer Driver – V3.12 and earlier
  • Generic Plus UFR II Printer Driver – V3.12 and earlier
  • Generic FAX Printer Driver – V10.65 and earlier
  • UFRII LT Printer Driver – V30.88 and earlier

 

CVE/CVSS:

CVE-2025-1268:

 

Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic Plus UFR II Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L Base Score: 9.4

 

Remediation:

Please check the websites of your local Canon sales representatives for the latest printer driver. We advise that our customers install the latest printer drivers available.

  • Generic Plus PCL6 Printer Driver – V3.15 and higher
  • Generic Plus UFR II Printer Driver – V3.15 and higher
  • Generic Plus LIPS4 Printer Driver – V3.15 and higher
  • Generic Plus LIPSLX Printer Driver – V3.15 and higher
  • Generic Plus PS Printer Driver – V3.15 and higher
  • Generic FAX Printer Driver – V10.66 and higher
  • UFRII LT Printer Driver – V31.05 and higher

Update History:

  • 2025-05-09: Added affected printer drivers (UFRII LT Printer Driver - V30.88 and earlier)
  • 2025-04-23: Added affected printer drivers (Generic FAX Driver - V10.65 and earlier)
  • 2025-04-03: Created

Thank you to Microsoft Offensive Research and Security Engineering Team (MORSE) for reporting this vulnerability.