Home Canon CVE-2025-14236
Back to Canon

CVE-2025-14236

Canon - Address Book attribute tag processing

Canon CVSS 9.8 Updated April 6, 2026

Executive Risk Summary

"A buffer overflow vulnerability in the Address Book attribute tag processing of Canon Small Office Multifunction Printers may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. This vulnerability affects various Canon printer models, including Satera, imageCLASS, and i-SENSYS series, with firmware version v06.02 and earlier."

Anticipated Attack Path

  1. 1. Attacker sends malicious input to the Address Book attribute tag processing
  2. 2. Buffer overflow occurs, potentially allowing arbitrary code execution
  3. 3. Attacker gains control of the affected printer, potentially leading to further exploitation

Am I Vulnerable?

  • Verify firmware version of affected Canon printer models
  • Check for signs of unauthorized access or suspicious activity
  • Apply firmware updates or patches as recommended by Canon

Operational Audit Arsenal

Target Type firmware
Target Asset Address Book attribute tag processing
Standard Path Canon Small Office Multifunction Printers

Manual Verification Required

This is a non-Windows asset (Canon). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.

Patch Impact Forecast

Reboot Required Likely

Potential disruption to printing services during firmware update

Internal Work Notes

Potential buffer overflow vulnerability in Canon printers, requiring firmware update to prevent arbitrary code execution

Technical Intelligence & Operational Utilities • Delivered Weekly

Intelligence Sources

Official Advisoryhttps://canon.jp/support/support-info/260115vulnerability-response
Official Advisoryhttps://psirt.canon/advisory-information/cp2026-001/
Official Advisoryhttps://www.canon-europe.com/support/product-security/
Official Advisoryhttps://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Remediation-Measure-Against-Potential-Buffer-Overflow-Vulnerability-in-Laser-Printers-and-Small-Office-Multifunctional-Printers

Related Canon Threats

CVE-2025-14231 CVSS 9.8

Canon - Print Job Processing by WSD
CVE-2025-14232 CVSS 9.8

Canon Laser Printers and Small Office Multifunction Printers - XML Processing
CVE-2025-2146 CVSS 9.8

Canon Printers - WebService Authentication
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.