Canon Inkjet Printers at Risk for Third-Party Compromise via Wi-Fi
Nearly 200 models are affected by vulnerability that may give wireless access to unauthorized third parties.
Printer security covers vulnerabilities in networked devices, exposed interfaces, stored documents, and access controls that can affect data confidentiality.
Search across headline titles and summaries.
Background for this topic.
A printer converts digital documents or images into physical output; networked multifunction printers may also scan, copy, fax, and store temporary job data. In an enterprise, such a device is an endpoint with firmware, an operating system, network services, and often an administrative web interface.
Security concerns include unauthorized administration through exposed or weakly protected interfaces, exploitation of unpatched firmware or services, and disclosure of documents retained in queues, internal storage, or printed output. Organizations should restrict printer management to trusted networks, change default credentials, apply vendor firmware updates, use encrypted management and print protocols where supported, and limit stored job data. Access-controlled release printing can reduce exposure of sensitive pages. When printers are relocated or retired, stored jobs, address books, credentials, and configuration data should be securely erased; logs and device details may also matter during vulnerability management and investigations.
Nearly 200 models are affected by vulnerability that may give wireless access to unauthorized third parties.
The printers retained various information after re-initialization, including SSIDs and passwords
Canon is warning users of home, office, and large format inkjet printers that their Wi-Fi connection settings stored in the devices' memories are not wiped, as they should, during initialization, allowing others to gain access to the data. [...]