CVE-2026-6892 - Vulnerability Details

Description

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization.

*:Canon PIXUS iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (Japan)

Canon PIXMA MG2500 Series and iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (US and Europe)

Published: 2026-05-29

Score: 5.1 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability stems from improper handling of symbolic links during installation of the CUPS Printer Driver for macOS. A local attacker who can write files while the installer is running can craft a symbolic link that directs the installer to modify directory permissions that the attacker normally lacks access to. This results in the attacker gaining higher privilege levels within the system. The weakness aligns with CWE‑59, a relative path traversal issue.

Affected Systems

Affected products include Canon PIXUS iX6800 Series, Canon PIXMA MG2500 Series, and Canon PIXMA iX6800 Series CUPS Printer Drivers for macOS. Versions up to and including 16.91.0.0 are vulnerable: 16.91.0.0 or earlier for Japan and the same or earlier versions for US and Europe.

Risk and Exploitability

The CVSS score of 5.1 indicates a moderate severity. With no EPSS score available, the likelihood of exploitation is uncertain, and the vulnerability is not listed in the CISA KEV catalog. Since the attack vector requires local user access and seemingly occurs during installation, the risk is primarily confined to environments where privileged installation is performed with unvalidated installers. Nonetheless, the potential for privilege escalation warrants prompt action.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Canon Inc.

Canon PIXUS iX6800 Series CUPS Printer Driver for macOS

unaffected

Version	Status	Constraints
`16.91.0.0 or earlier`	affected	—

Canon Inc.

PIXMA MG2500 Series CUPS Printer Driver for macOS

unaffected

Version	Status	Constraints
`16.91.0.0 or earlier`	affected	—

Canon Inc.

PIXMA iX6800 Series CUPS Printer Driver for macOS

unaffected

Version	Status	Constraints
`16.91.0.0 or earlier`	affected	—

No data.

Vendor Product Confidence Versions

Canon

Pixma Ix6800 Series Cups Printer Driver For Macos

100%

Version	Status	Scheme	Platform
`[0,16.91.0.0]`	affected	generic	—

Canon

Pixma Mg2500 Series Cups Printer Driver For Macos

100%

Version	Status	Scheme	Platform
`[0,16.91.0.0]`	affected	generic	—

Canon

Pixus Ix6800 Series Cups Printer Driver For Macos

100%

Version	Status	Scheme	Platform
`[0,16.91.0.0]`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest CUPS Printer Driver for macOS to replace any version 16.91.0.0 or earlier.
Ensure installation packages are obtained from Canon’s official sources and verify their integrity before installation.
Restrict installation privileges to required administrative accounts and monitor for unexpected permission changes during new deployments.

Generated by OpenCVE AI on May 29, 2026 at 01:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00014.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://canon.jp/support/support-info/260528-1vulnerability-response
https://psirt.canon/advisory-information/cp2026-004/
https://www.canon-europe.com/support/product-security/
https://www.usa.canon.com/support/canon-product-advisories/CPA2026-004-Vulnerability-Remediation-for-My-Image-Garden-for-macOS-and-CUPS-Printer-Driver-for-macOS

History

Fri, 29 May 2026 17:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 29 May 2026 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Canon Canon pixma Ix6800 Series Cups Printer Driver For Macos Canon pixma Mg2500 Series Cups Printer Driver For Macos Canon pixus Ix6800 Series Cups Printer Driver For Macos
Vendors & Products		Canon Canon pixma Ix6800 Series Cups Printer Driver For Macos Canon pixma Mg2500 Series Cups Printer Driver For Macos Canon pixus Ix6800 Series Cups Printer Driver For Macos

Fri, 29 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Description		Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS() may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. :Canon PIXUS iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (Japan) Canon PIXMA MG2500 Series and iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (US and Europe)
Weaknesses		CWE-59
References		https://canon.jp/support/support-info/260528-1vulnerability-response https://psirt.canon/advisory-information/cp2026-004/ https://www.canon-europe.com/support/product-security/ https://www.usa.canon.com/support/canon-product-advisories/CPA2026-004-Vulnerability-Remediation-for-My-Image-Garden-for-macOS-and-CUPS-Printer-Driver-for-macOS
Metrics		cvssV3_1 `{'score': 5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N'}` cvssV4_0 `{'score': 5.1, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}`

Subscriptions

Canon Pixma Ix6800 Series Cups Printer Driver For Macos Pixma Mg2500 Series Cups Printer Driver For Macos Pixus Ix6800 Series Cups Printer Driver For Macos

MITRE

Status: PUBLISHED

Assigner: Canon

Published: 2026-05-29T00:00:37.110Z

Updated: 2026-05-29T16:51:57.049Z

Reserved: 2026-04-23T04:25:26.676Z

Link: CVE-2026-6892

Vulnrichment

Updated: 2026-05-29T16:45:37.207Z

NVD

Status : Awaiting Analysis

Published: 2026-05-29T00:16:16.847

Modified: 2026-05-29T14:46:09.837

Link: CVE-2026-6892

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-29T15:47:39Z

Weaknesses

CWE-59

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object