CVE-2025-1268: Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4...
Description
Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver
Classification
CVE ID: CVE-2025-1268
CVSS Base Severity: CRITICAL
CVSS Base Score: 9.4
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Problem Types
CWE-787: Out-of-bounds WriteAffected Products
Vendor: Canon Inc., Canon Inc., Canon Inc., Canon Inc., Canon Inc.
Product: Generic Plus PCL6 Printer Driver, Generic Plus UFR II Printer Driver, Generic Plus LIPS4 Printer Driver, Generic Plus LIPSLX Printer Driver, Generic Plus PS Printer Driver
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.08% (probability of being exploited)
EPSS Percentile: 25.25% (scored less or equal to compared to others)
EPSS Date: 2025-04-18 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-1268https://psirt.canon/advisory-information/cp2025-003/
https://canon.jp/support/support-info/250328vulnerability-response
https://www.usa.canon.com/about-us/to-our-customers/service-notice-vulnerability-remediation-for-certain-printer-drivers-for-production-printers-office-small-office-multifunction-printers-and-laser-printers
https://www.canon-europe.com/support/product-security/