CPA2026-003: Vulnerability Mitigation/Remediation for Production Printers and Office Multifunction Printers

Description

Canon Canada Inc. has recently become aware of a vulnerability in the browser-based remote management interface in the Canon Laser Printers and Small Office Multifunctional Printers listed below under “Affected Models”. This vulnerability could potentially be exploited by a third party with administrator privileges to access sensitive information within the product by sending specially crafted requests through the browser-based remote management function.

Affected Products**

imageFORCE
imageRUNNER ADVANCE
imagePRESS Lite
imagePRESS
imageCLASS X

** See table at the end of this notice for details on affected models and remediated firmware.

Note: If we determine that additional products are impacted by this vulnerability, we will update this advisory.

Mitigation/Remediation

Firmware designed to address this issue will be either delivered via automatic updates or made available on Canon USA’s support website. Although no incidents exploiting this vulnerability have been confirmed as of the date of this advisory, we recommend that you apply the countermeasures listed below when using your product.

Do not connect the product directly to the Internet. Instead, use it within a secure private network constructed with a firewall appliance, wired router, or Wi Fi router, and ensure that a private IP address is configured.
If the product has an initial default password, change it.
If the product allows separate administrator and general user IDs/passwords to be configured, set them accordingly.
Set passwords and other authentication values to ones that are difficult to predict.
If the product provides authentication functions, enable them and manage the users who are permitted to access the product.
If the product offers multi-factor authentication, enable this function and manage the users authorized to use the product.
Ensure adequate physical security for the product, including its installation environment.

Please refer here for more details on securing products when connecting to a network.

CVE/CVSS

CVE-2026-1789: A vulnerability in the browser-based remote management interface may allow a third party with administrator privileges to access sensitive information stored on the device by sending specially crafted requests, affecting certain production printers and office/small office multifunction printers.

CVSS v4 CVSS 4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score: 6.9

CVSS v3 CVSS 3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score: 4.9

Canon would like to thank the following researchers for identifying this vulnerability:

CVE-2026-1789: Hengrui Wang and Ranganatha Rao Sridhar working with Praetorian.

Device Models and Remediated Firmware

Device Models	Remediated Firmware (Minimum Version)
imageCLASS X MF1538C II	V16.06
imageFORCE 6170/6160/6155	V9.08
imageFORCE 710F/610F/520F imageFORCE 710FZ/610FZ/520FZ	V4.08
imageFORCE 8105/8195/8186	V4.08
imageFORCE C3150	V4.08
imageFORCE C5170/C5160/C5150	V9.08
imageFORCE C611F/C521F/C431F/C331F imageFORCE C611FZ/C521FZ/C431FZ/C331FZ	V4.08
imageFORCE C7165	V9.08
imagePRESS Lite C170/C165	V53.06
imagePRESS Lite C270/C265	V26.06
imagePRESS V1000	V25.28
imagePRESS V900/V800/V700	V25.28
imageRUNNER ADVANCE 4551i III/4545i III/4535i III/4525i III	V51.43
imageRUNNER ADVANCE 4551i/4545i/4535i/4525i imageRUNNER ADVANCE 4551i II/4545i II/4535i II/4525i II	V81.43
imageRUNNER ADVANCE 6575i III/6565i III/6555i III	V51.43
imageRUNNER ADVANCE 6575i/6565i/6555i imageRUNNER ADVANCE 6575i II/6565i II/6555i II	V81.43
imageRUNNER ADVANCE 715iF II/615iF II/525iF II imageRUNNER ADVANCE 715iFZ II/615iFZ II/525iFZ II	V81.43
imageRUNNER ADVANCE 715iF III/615iF III/525iF III imageRUNNER ADVANCE 715iFZ III/615iFZ III/525iFZ III	V51.43
imageRUNNER ADVANCE 8505i III/8595i III/8585i III	V51.43
imageRUNNER ADVANCE 8505i/8595i/8585i imageRUNNER ADVANCE 8505i II/8595i II/8585i II	V81.43
imageRUNNER ADVANCE C3530i III/3525i III/3520i III	V51.43
imageRUNNER ADVANCE C3530i/3525i imageRUNNER ADVANCE C3530i II/3525i II	V81.43
imageRUNNER ADVANCE C355iF/255iF	V81.43
imageRUNNER ADVANCE C356iF III/256iF III	V51.43
imageRUNNER ADVANCE C356iF/256iF	V81.43
imageRUNNER ADVANCE C475iF III imageRUNNER ADVANCE C475iFZ III	V51.43
imageRUNNER ADVANCE C5560i III/5550i III/5540i III/5535i III	V51.43
imageRUNNER ADVANCE C5560i/5550i/5540i/5535i imageRUNNER ADVANCE C5560i II/5550i II/5540i II/5535i II	V81.43
imageRUNNER ADVANCE C7580i III/7570i III/7565i III	V51.43
imageRUNNER ADVANCE C7580i/7570i/7565i imageRUNNER ADVANCE C7580i II/7570i II/7565i II	V81.43
imageRUNNER ADVANCE DX 4751i/4745i/4735i/4725i	V43.06
imageRUNNER ADVANCE DX 4845i/4835i/4825i	V26.08
imageRUNNER ADVANCE DX 4945i/4935i/4925i	V16.08
imageRUNNER ADVANCE DX 6000i	V43.06
imageRUNNER ADVANCE DX 6780i/6765i/6755i	V43.06
imageRUNNER ADVANCE DX 6870i/6860i/6855i	V36.08
imageRUNNER ADVANCE DX 6980i	V16.08
imageRUNNER ADVANCE DX 717iFZ/617iFZ/527iFZ imageRUNNER ADVANCE DX 717iF/617iF/527iF	V43.06
imageRUNNER ADVANCE DX 719iF/619iF/529iF imageRUNNER ADVANCE DX 719iFZ/619iFZ/529iFZ	V16.06
imageRUNNER ADVANCE DX 8705i/8795i/8786i	V43.06
imageRUNNER ADVANCE DX 8905i/8995i/8986i	V16.08
imageRUNNER ADVANCE DX C357iF/257iF	V43.06
imageRUNNER ADVANCE DX C359iF/259iF	V16.06
imageRUNNER ADVANCE DX C3730i/3725i	V41.43
imageRUNNER ADVANCE DX C3835i/3830i/3826i	V36.08
imageRUNNER ADVANCE DX C3935i/3930i/3926i	V16.08
imageRUNNER ADVANCE DX C477iFZ imageRUNNER ADVANCE DX C477iF	V41.43
imageRUNNER ADVANCE DX C568iF/478iF imageRUNNER ADVANCE DX C568iFZ/478iFZ	V36.06
imageRUNNER ADVANCE DX C5760i/5750i/5740i/5735i	V43.06
imageRUNNER ADVANCE DX C5870i/5860i/5850i/5840i	V36.08
imageRUNNER ADVANCE DX C7780i/7770i/7765i	V43.06
imageRUNNER C3326i (Latin America/Canada)	V16.06
imageRUNNER C3226i (Latin America)	V10.20