CVE-2026-1789
4.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Canon Inc. | imagePRESS Series | all version | affected |
| Canon Inc. | imageFORCE Series | all version | affected |
| Canon Inc. | imageRUNNER ADVANCE Series | all version | affected |
| Canon Inc. | imageRUNNER Series | all version | affected |
| Canon Inc. | Satera MF7525F | v15.00 or earlier | affected |
| Canon Inc. | Satera MF7625F | v8.12 or earlier | affected |
| Canon Inc. | Satera MF7725F | v16.04 or earlier | affected |
| Canon Inc. | Satera MF842CDW | v16.04 or earlier | affected |
| Canon Inc. | imageCLASS X C1538iF II | v16.04 or earlier | affected |
| Canon Inc. | imageCLASS X MF1538C II | v16.04 or earlier | affected |
| Canon Inc. | i-SENSYS C1533iF II | v16.04 or earlier | affected |
| Canon Inc. | i-SENSYS X C1538 iF II | v16.04 or earlier | affected |
| Canon Inc. | i-SENSYS MF842Cdw | v16.04 or earlier | affected |
| Canon Inc. | MF842CDW | v16.04 or earlier | affected |
| Canon Inc. | MF842CX | v16.04 or earlier | affected |
Weaknesses
- CWE-807: CWE-807: Reliance on Untrusted Inputs in a Security Decision
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://psirt.canon/advisory-information/cp2026-003/
- https://canon.jp/support/support-info/260423vulnerability-response
- https://www.usa.canon.com/about-us/to-our-customers/cpa2026-003-vulnerability-mitigation-remediation-for-production-printers-and-office-multifunction-printers
- https://www.canon-europe.com/support/product-security/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.