Primary

Context

Canon CUPS Printer Driver for macOS Symbolic Link Vulnerability Allowing Unauthorized Permission Modifications

Vulnerability

Patched

A vulnerability has been identified in the CUPS Printer Driver for macOS, specifically in versions through 16.91.0.0. This issue arises from improper validation of symbolic links in the installer, which may enable a local attacker with login privileges to exploit a crafted symbolic link during installation. Such exploitation could lead to unauthorized modifications of directory permissions.

Impact

Exploitation of this vulnerability could result in unauthorized changes to file or directory permissions, allowing access to resources that the user would not normally be able to modify.

Remediation

Users are advised to install the latest version of the CUPS Printer Driver for macOS, available on the Canon Software & Drivers download page for their region.

Added: May 29, 2026, 1:06 AM

Updated: May 29, 2026, 1:06 AM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

3.0

remediation

7.7

relevance

9.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

3.0

remediation

7.7

relevance

9.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Canon CUPS Printer Driver for macOS Symbolic Link Vulnerability Allowing Unauthorized Permission Modifications

Vulnerability

Impact

Remediation

Affected Products

Canon PIXUS iX6800

Canon PIXMA MG2500

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating