CVE-2025-9903

EUVD-2025-31486
Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / Generic FAX Driver
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L
CanonCNA
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Common Weakness Enumeration
References
https://canon.jp/support/support-info/250925vulnerability-response
https://psirt.canon/advisory-information/cp2025-005/
https://www.canon-europe.com/support/product-security/
https://www.usa.canon.com/about-us/to-our-customers/cp2025-005-vulnerabilities-remediation-for-certain-printer-drivers-for-production-printers-office-small-office-multifunction-printers-laser-printers