CP2026-001 Vulnerabilities Mitigation/Remediation for Small Office Multifunction Printers and Laser Printers
January 15, 2026
Canon Inc.
Description
Multiple vulnerabilities have been identified in certain Small Office Multifunction Printers and Laser Printers.
These vulnerabilities indicate the possibility that, if a product is connected directly to the Internet without using a router (wired or Wi-Fi), an unauthenticated remote attacker could trigger a buffer overflow or invalid free, potentially leading to arbitrary code execution and/or a Denial-of-Service (DoS) attack.
These vulnerabilities indicate the possibility that, if a product is connected directly to the Internet without using a router (wired or Wi-Fi), an unauthenticated remote attacker could trigger a buffer overflow or invalid free, potentially leading to arbitrary code execution and/or a Denial-of-Service (DoS) attack.
Affected Products
Certain Small Office Multifunction Printers and Laser Printers
For detailed information on affected models, please visit the websites of your local Canon sales representatives.
Mitigation/Remediation
We advise that our customers set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access.
Please refer here for more details on securing products when connecting to a network.
Firmware designed to address these issues will be uploaded on websites of your local Canon sales representatives. We advise that our customers install the latest firmware available.
CVE/CVSS:
| CVE-2025-14231: | Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers |
| CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score: 9.3 | |
| CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8 | |
| CVE-2025-14232: | Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers |
| CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score: 9.3 | |
| CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8 | |
| CVE-2025-14233: | Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers |
| CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score: 9.3 | |
| CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8 | |
| CVE-2025-14234: | Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers |
| CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score: 9.3 | |
| CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8 | |
| CVE-2025-14235: | Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers |
| CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score: 9.3 | |
| CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8 | |
| CVE-2025-14236: | Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers |
| CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score: 9.3 | |
| CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8 | |
| CVE-2025-14237: | Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers |
| CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score:9.3 | |
| CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8 |