Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers.
AnalysisAI
Information disclosure in Canon production printers and office/small office multifunction printers allows authenticated administrators to access sensitive device information through crafted requests to the browser-based remote management interface. The vulnerability affects multiple printer models and requires high-privilege administrative access; no active exploitation has been confirmed at time of analysis, though the remote network vector and low attack complexity indicate practical exploitability by privileged internal users.
Technical ContextAI
The vulnerability resides in the browser-based remote management web interface used by Canon production printers and multifunction devices. CWE-807 (Reliance on Untrusted Inputs in a Security Decision) indicates the interface fails to properly validate or authenticate crafted requests before disclosing sensitive information-likely device configuration, network settings, credentials, or operational data stored on the printer. The attack vector is network-based (AV:N), suggesting the management interface is accessible over the network; however, exploitation requires high-privilege administrative credentials (PR:H), limiting exposure to authenticated users with legitimate access roles. The vulnerability does not result in integrity or availability impact, only confidentiality breach.
RemediationAI
Canon has released patches for affected printers and multifunction devices; organizations should immediately apply the latest firmware updates available from Canon's security advisory pages (psirt.canon/advisory-information/cp2026-003/ and usa.canon.com). Interim compensating controls include: (1) Restrict network access to the printer's browser-based management interface using network firewalls or access control lists (ACLs) - permit only known administrator IP addresses or subnets, blocking all other network paths to the management port (typically TCP 80/443); (2) Enforce strong authentication and multi-factor authentication (MFA) for administrative accounts that can access the printer's web interface, reducing the likelihood of compromise; (3) Audit and minimize the number of accounts with high-privilege (administrator) access to printer management interfaces, following least-privilege principles; (4) Monitor and log all access to the management interface, alerting on anomalous requests or bulk information retrieval. Apply patches as soon as tested in non-production environments; interim network isolation should be considered until patches are validated and deployed.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25347
GHSA-jh49-rh44-24pq