Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Canon is cautioning users of home, office, and large format inkjet printers that their devices’ Wi-Fi connection settings are not properly wiped during initialization, posing a security and privacy risk.
This flaw could potentially allow unauthorized individuals, such as repair technicians, temporary users, or future buyers, to access sensitive Wi-Fi network details stored in the printer’s memory, including network SSID, password, network type, IP address, MAC address, and network profile.
This could lead to malicious third parties gaining unauthorized access to the user’s network, compromising data and launching further attacks.
The issue affects over 200 Canon printer models, and the company recommends users to wipe their Wi-Fi settings before allowing third-party access to the printer, such as during repairs or when transferring ownership, explains Bleeping Computer.
Users Are Advised to Take Precautionary Measures
Canon has provided a list with all the printer models affected by this data retention problem.
The company advises owners of affected printers to take precautionary measures by wiping their Wi-Fi settings before allowing third-party access to the printer, especially during device repairs or when transferring ownership.
The security advisory provides step-by-step instructions for resetting the Wi-Fi settings based on the printer model.
- Reset all settings (Reset settings ‐> Reset all)
- Enable the wireless LAN
- Reset all settings one more time
For models that do not have the ‘Reset all’ function in the settings menu, users are advised to follow these steps instead:
- Reset LAN settings
- Enable the wireless LAN
- Reset LAN settings one more time
Additionally, Canon recommends implementing further security measures, such as keeping printers on separate networks isolated from valuable assets, to prevent attackers from gaining access to critical devices even in the event of a network compromise.
Users should also apply available firmware updates for their printer models and disable unnecessary services like cloud printing or remote management interfaces if not required.
These precautions help safeguard users’ privacy and prevent potential unauthorized access to sensitive data through printer vulnerabilities.
Canon’s full security advisory is available here.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.
Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.
