Passback Vulnerability in Canon Office Multifunction and Laser Printers
CVE-2025-3079

6.3MEDIUM

Key Information:

Vendor

Canon Inc.

Status
Imagerunner Series
Imageclass Series
I-sensys Series
Satera Series
Vendor
CVE Published:
20 May 2025

What is CVE-2025-3079?

A passback vulnerability has been identified in Canon's office and small office multifunction printers, as well as laser printers. This security flaw could potentially allow unauthorized access and control over printer functions, impacting sensitive data management and operational integrity. Canon has provided guidance on how to mitigate this risk and enhance overall device security. Users are encouraged to review and implement recommended security measures to protect their printing environments.

Affected Version(s)

i-sensys Series all version

imageCLASS Series all version

imageRUNNER Series all version

References

https://psirt.canon/advisory-information/cp2025-004/
vendor-advisory
https://canon.jp/support/support-info/250519vulnerability...
vendor-advisory
https://www.usa.canon.com/about-us/to-our-customers/cp202...
vendor-advisory

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

JSON
.