CVE-2025-9904

Summary

Unallocated memory access vulnerability in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / Generic FAX Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver

Affected Software

VendorProductVersion RangeStatus
Canon Inc.Generic Plus PCL6 Printer Driver3.30 and earlieraffected
Canon Inc.Generic Plus UFR II Printer Driver3.30 and earlieraffected
Canon Inc.Generic Plus LIPS4 Printer Driver3.30 and earlieraffected
Canon Inc.Generic Plus LIPSLX Printer Driver3.30 and earlieraffected
Canon Inc.Generic Plus PS Printer Driver3.30 and earlieraffected
Canon Inc.UFRII LT Printer Driver31.05 and earlieraffected
Canon Inc.CARPS2 Printer Driver31.05 and earlieraffected
Canon Inc.Generic FAX Driver10.67 and earlieraffected
Canon Inc.LIPS4 Printer Driver15.00 and earlieraffected
Canon Inc.LIPSLX Printer Driver15.00 and earlieraffected
Canon Inc.UFR II Printer Driver15.00 and earlieraffected
Canon Inc.PS Printer Driver15.00 and earlieraffected
Canon Inc.PCL6 Printer Driver15.00 and earlieraffected

Weaknesses

  • CWE-696: CWE-696: Incorrect Behavior Order

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References