CVE-2025-9904
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-29

Last updated on: 2026-03-16

Assigner: Canon Inc.

Description
Unallocated memory access vulnerability in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / Generic FAX Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-29
Last Modified
2026-03-16
Generated
2026-06-16
AI Q&A
2025-09-29
EPSS Evaluated
2026-06-14
NVD
CVE-2025-9904
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
canon generic_plus_lips4_printer_driver 3.31
canon generic_plus_lipslx_printer_driver 3.31
canon generic_plus_ps3_printer_driver 3.31
canon generic_plus_pcl6_printer_driver 3.31
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-696 The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways that may produce resultant weaknesses.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

This vulnerability does not impact confidentiality or integrity of data, only availability. Therefore, it is unlikely to directly affect compliance with standards like GDPR or HIPAA, which focus heavily on data protection and privacy.

Executive Summary

This vulnerability involves unallocated memory access during the print processing of several Generic Plus printer drivers, including PCL6, UFR II, LIPS4, LIPSLX, and PS printer drivers. This means the printer drivers may improperly access memory that has not been allocated, potentially leading to unexpected behavior or crashes.

Impact Analysis

The vulnerability can impact you by causing denial of service or disruption in printing services due to the unallocated memory access. Since the CVSS indicates no confidentiality or integrity impact but an availability impact, it primarily affects the availability of printing functions.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9904. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart