2025: Security Advisory: Canon Driver Vulnerability
Summary | As stated on the Canon website, It has been found that the Canon Printer Drivers before version 3.30 have the below listed vulnerabilities. These Canon Drivers can optionally be distributed as part of the SmartClient Installer Packages within uniFLOW Online. |
Advisory release date | Sep 25, 2025 |
Product | uniFLOW Online |
CVE | CVE-2025-7698, CVE-2025-9903, CVE-2025-9904 |
Summary of Vulnerability
Multiple vulnerabilities have been found in the below drivers:
Affected Printer Drivers:
Generic Plus PCL6 Printer Driver – V3.30 and earlier
Generic Plus UFR II Printer Driver – V3.30 and earlier
Generic Plus LIPS4 Printer Driver – V3.30 and earlier
Generic Plus LIPSLX Printer Driver – V3.30 and earlier
Generic Plus PS Printer Driver – V3.30 and earlier
For further information please also see: https://psirt.canon/advisory-information/cp2025-005/
Severity
CVE-2025-7698: Out-of-bounds read vulnerabilities in print processing of the affected Printer Drivers.
CVSS v4 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N (Base Score: 5.9).
CVSS v3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L (Base Score: 5.9).
CVE-2025-9903: Out-of-bounds write vulnerabilities in print processing of the affected Printer Drivers.
CVSS v4 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N (Base Score: 5.9).
CVSS v3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L (Base Score: 5.9).
CVE-2025-9904: Unallocated memory access vulnerability in print processing of the affected Printer Driver.
CVSS v4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N (Base Score: 6.9).
CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (Base Score: 5.3).
Affected Versions
Product | Affected versions |
uniFLOW Online |
|
Fixed Versions
Product | Fix versions |
uniFLOW Online |
|
What You Need to Do
To check if you are impacted by this vulnerability please follow the below procedure.
Browse to your uniFLOW Online tenant’s web interface
Login in with a user that has Administrator rights.
Click the profile icon in the top right of the screen, next to your display name
Selected Advanced for Administrator view, Click Save
Browse to Extensions > uniFLOW SmartClient > Installer configuration and creation > Manage Installers
Select each SmartClient Package (ignoring the Mac SmartClient Packages).
Check if any of the following are set
Printer Driver: Canon Generic Plus UFR II Printer Driver
Printer Driver: Canon Generic Plus GPLX Printer Driver
Canon PDF Driver: Enable Canon PDF Driver = Checked
If a, b or c are true, then you will need to follow the steps in the Mitigation section.
If a, b and c are false, then you do not need to do anything.
Mitigation
uniFLOW Online 2025.3 (2nd October 2025) is updated with the latest drivers from Canon V3.31 (that are not subject to the vulnerability).
Consider printer and printer driver in update setting needs to be enabled
Update configuration:
Browse to Extensions > uniFLOW SmartClient > Installer configuration and creation > Manage Installers
for the lines that have the ‘Update Available’ status
select and double click the line to open the settings tabs
select the ‘Configure Installer’ tab
Click the 'Update Installer' button
The Updating uniFLOW SmartClient Installer dialogue is displayed.
Click the 'update now'
when it is finished re-creating the installer, select the 'Installer versions' tab.
select the latest one at the top of the list
select the … button to the right of the row.
either
'Publish' the new installer
if you use automatic updates, the driver will be updated on the client PC’s automatically
or if this package is ‘Shown on the Start printing page’, users can download the updated SmartClient Installer Package from the uniFLOW Online Start Printing Page
‘Download’ the new installer and roll out via your preferred software distribution method.
Support
If you have further questions, please contact your Canon / Canon Business Partner representative.
