CP2025-003 Vulnerability Remediation for Certain Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

Updated: March 13, 2026

March 28, 2025

Canon Inc.

Description

An out-of-bounds vulnerability was found in certain printer drivers for production printers, office/small office multifunction printers and laser printers that may prevent printing and/or potentially be able to execute arbitrary code when the print is processed by a malicious application.

Affected Printer Drivers

Generic Plus PCL6 Printer Driver – V3.12 and earlier

Generic Plus UFR II Printer Driver - V3.12 and earlier

Generic Plus LIPS4 Printer Driver - V3.12 and earlier

Generic Plus LIPSLX Printer Driver - V3.12 and earlier

Generic Plus PS Printer Driver - V3.12 and earlier

Generic FAX Driver - V10.65 and earlier

UFRII LT Printer Driver - V30.88 and earlier

CARPS2 Printer Driver - V31.01 and earlier

PDF Driver - V1.0.5.0 and earlier

LIPS4 Printer Driver - V15.00 and earlier

LIPSLX Printer Driver - V15.00 and earlier

UFR II Printer Driver - V15.00 and earlier

PS Printer Driver - V15.00 and earlier

PCL6 Printer Driver - V15.00 and earlier

CVE/CVSS:


CVE-2025-1268:	Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / PDF Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver
	CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L Base Score: 9.4

CVE-2025-1268:

Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / PDF Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L Base Score: 9.4

Remediation

Printer drivers designed to address the issue are available on the websites of your local Canon sales representatives. We advise that our customers install the latest printer drivers available.

Generic Plus PCL6 Printer Driver – V3.15 and higher

Generic Plus UFR II Printer Driver - V3.15 and higher

Generic Plus LIPS4 Printer Driver - V3.15 and higher

Generic Plus LIPSLX Printer Driver - V3.15 and higher

Generic Plus PS Printer Driver - V3.15 and higher

Generic Plus FAX Printer Driver - V10.66 and higher

UFRII LT Printer Driver - V31.05 and higher

CARPS2 Printer Driver - V31.05 and higher

PDF Driver - V1.4.1 and higher

LIPS4 Printer Driver - V15.01 and higher

LIPSLX Printer Driver - V15.01 and higher

UFR II Printer Driver - V15.01 and higher

PS Printer Driver - V15.01 and higher

PCL6 Printer Driver - V15.01 and higher

Update History

2026-03-13: Added affected printer drivers (LIPS4 Printer Driver - V15.00 and earlier, LIPSLX Printer Driver - V15.00 and earlier, UFR II Printer Driver - V15.00 and earlier, PS Printer Driver - V15.00 and earlier, PCL6 Printer Driver - V15.00 and earlier)

2025-06-16: Added affected printer drivers (PDF Driver - V1.0.5.0 and earlier)

2025-05-08: Added affected printer drivers (UFRII LT Printer Driver - V30.88 and earlier, CARPS2 Printer Driver - V31.01 and earlier)

2025-04-17: Added affected printer drivers (Generic FAX Driver - V10.65 and earlier)

2025-03-28: Created

Thank you to Microsoft Offensive Research and Security Engineering Team (MORSE) for reporting this vulnerability.