Canon Group
Close Close
Canon Experience Store Logo | Canon Australia
Canon Experience Store Test, try and buy all the latest Canon digital cameras, lenses, and printers. Visit
Canon Finance logo | Canon Australia
Canon Finance Finance the latest technology for your business when you need it. Visit
Canon Professional Services logo | Canon Australia
Canon Professional Services Join our network of professionals and support services with a CPS membership. Visit
SUNSTUDIOS logo | Canon Australia
SUNSTUDIOS Innovative space and services for visual creatives and professionals. Visit
Canon Business Services ANZ
Canon Business Services Discover our range of business services with Canon Business Services. Visit
Canon Medical Systems Corporation Logo | Canon Australia
Canon Medical Systems World-class diagnostic imaging products and intelligent healthcare IT solutions. Visit
Products
Get Inspired
Support
Canon for Business
search
About Canon
Contact us
Menu Menu Close Close Search
Home
/ News
/ Support News
/ Vulnerability Mitigation/Remediation for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

Vulnerability Mitigation/Remediation for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

Description
A passback vulnerability was found in production printers, office/small office multifunction printers and laser printers. This vulnerability could allow an attacker, if they obtain administrative privileges on the product, to acquire authentication information such as SMTP/LDAP connections configured in the product.

Affected Products
・ imageRUNNER ADVANCE Series
・ imageRUNNER Series
・ imagePRESS V Series
・ imagePRESS Series
・ imageCLASS Series
・ i-sensys Series
・ Satera Series

Please refer here for detailed model names.

CVE/CVSS
CVE-2025-3078:
A passback vulnerability of production printers and office multifunction printers
CVSS v4
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
Base Score: 6.3
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Base Score: 8.7

CVE-2025-3079:
A passback vulnerability of office/small office multifunction printers and laser printers
CVSS v4
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
Base Score: 6.3
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Base Score: 8.7

Mitigation/Remediation
We advise our customers to follow the below hardening guides:
- It is not recommended that a product is connected directly to the internet. When connecting to the internet, use a private IP address in an environment where the internet can be accessed from a secure private network built with firewall products, wired routers or Wi-Fi routers.
- Change the product’s default password to a new password.
- Set up administrator and general users IDs and passwords.
- Ensure that passwords and other similar settings for various functions are sufficiently difficult to guess.
- If the product has authentication functions, use them to confirm the end-user identity who uses the product.
- If the product has multi-factor authentication functions, use them to confirm the end-user identity who uses the product.
- Be aware of physical security needs, including those related to the location of the product etc.

Please refer here for more information on securing products when connecting to a network.

In addition to the above measures, certain products have enhanced security features. The information on the relevant products is uploaded on the website of your local Canon sales representatives.

  • Category
  • Archives