Passback Vulnerability in Canon Office Multifunction and Laser Printers
CVE-2025-3079

6.3MEDIUM

Key Information:

Vendor: Canon Inc.
Status: Imagerunner Series; Imageclass Series; I-sensys Series; Satera Series
Vendor: CVE Published:; 20 May 2025

What is CVE-2025-3079?

A passback vulnerability has been identified in Canon's office and small office multifunction printers, as well as laser printers. This security flaw could potentially allow unauthorized access and control over printer functions, impacting sensitive data management and operational integrity. Canon has provided guidance on how to mitigate this risk and enhance overall device security. Users are encouraged to review and implement recommended security measures to protect their printing environments.

Affected Version(s)

i-sensys Series all version

imageCLASS Series all version

imageRUNNER Series all version

References

https://psirt.canon/advisory-information/cp2025-004/

vendor-advisory

https://canon.jp/support/support-info/250519vulnerability...

vendor-advisory

https://www.usa.canon.com/about-us/to-our-customers/cp202...

vendor-advisory

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025

Canon Inc.

What is CVE-2025-3079?

Affected Version(s)

References

CVSS V4

Timeline