CVE-2025-3078

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-3078
CWE	https://cwe.mitre.org/data/definitions/522.html

A passback vulnerability which relates to production printers and office multifunction printers.

Weakness

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Potential Mitigations

https://cwe.mitre.org/data/definitions/102.html
https://cwe.mitre.org/data/definitions/474.html
https://cwe.mitre.org/data/definitions/50.html
https://cwe.mitre.org/data/definitions/509.html
https://cwe.mitre.org/data/definitions/551.html
https://cwe.mitre.org/data/definitions/555.html
https://cwe.mitre.org/data/definitions/560.html
https://cwe.mitre.org/data/definitions/561.html
https://cwe.mitre.org/data/definitions/600.html
https://cwe.mitre.org/data/definitions/644.html
https://cwe.mitre.org/data/definitions/645.html
https://cwe.mitre.org/data/definitions/652.html
https://cwe.mitre.org/data/definitions/653.html

References

https://canon.jp/support/support-info/250519vulnerability-response
https://corporate.jp.canon/caution/160106
https://psirt.canon/advisory-information/cp2025-004/
https://psirt.canon/hardening/
https://www.canon-europe.com/support/product-security
https://www.usa.canon.com/about-us/to-our-customers/cp2025-004-vulnerability-mitigation-remediation-for-production-printers-office-small-office-multifunction-printers-laser-printers

Insufficiently Protected Credentials

Weakness

Potential Mitigations

Related Attack Patterns

References