Passback Vulnerability Affecting Production Printers and Office Multifunction Devices by Canon
CVE-2025-3078

6.3MEDIUM

Key Information:

Vendor: Canon Inc.
Status: Imagerunner Advance Series; Imagerunner Series; Imagepress V Series; Imagepress Series
Vendor: CVE Published:; 20 May 2025

What is CVE-2025-3078?

This passback vulnerability affects production printers and multifunction devices manufactured by Canon, potentially allowing unauthorized access or control. Users of affected units should be vigilant about securing their printing environments, as the vulnerabilities may expose sensitive information or allow for unauthorized operations. Canon has issued guidance on mitigation and remediation to help users protect their devices and data.

Affected Version(s)

imageCLASS Series all version

imagePRESS Series all version

imagePRESS V Series all version

References

https://psirt.canon/advisory-information/cp2025-004/

vendor-advisory

https://canon.jp/support/support-info/250519vulnerability...

vendor-advisory

https://www.usa.canon.com/about-us/to-our-customers/cp202...

vendor-advisory

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025

Canon Inc.

What is CVE-2025-3078?

Affected Version(s)

References

CVSS V4

Timeline