Canon warns that sensitive data on the Wi-Fi connection settings stored in the memories of inkjet printers may not be deleted during initialization.
Canon warns that sensitive information on the Wi-Fi connection settings stored in the memories of home and office/large format inkjet printers may not be deleted by the usual initialization process.
When a printer may be in the hand of any third party, such as when repairing, lending, selling or disposing the device, the users’ info may be exposed.
The information stored in a Canon printer depends on the specific model, however, almost any model stores the network SSID, the password, network type (WPA3, WEP, etc.), MAC address, and IP address.
The list of affected Inkjet printers and business Inkjet printers is available here.
Once obtained sensitive Wi-Fi connection information, a threat actor can gain access to the network that was hosting the printer and carry out a broad range of malicious activities.
Canon provided the following instructions to mitigate the issue by wiping Wi-FI settings:
- Reset all settings (Reset settings ‐> Reset all)
- Enable the wireless LAN
- Reset all settings one more time
For models that do not have the ‘Reset all’ function in the settings menu, users can follow the following procedure:
- Reset LAN settings
- Enable the wireless LAN
- Reset LAN settings one more time
Security researchers also recommend using Network Segmentation by placing the printer on a separate and dedicated network segment. This isolates it from sensitive systems and data, reducing the impact of a compromise.
Set up strong authentication mechanisms, such as complex passwords or use multi-factor authentication (MFA) for printer access. Keep the printer’s firmware and software up to date and disable unnecessary services or protocols on the printer that are not required for its intended function.
Of course, change default passwords immediately after installation and conduct periodic security audits of the printer’s settings and configurations.
Follow me on Twitter: @securityaffairs Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, printer)
Share On