Canon Inkjet Printers Expose Wi-Fi Threat
Canon has raised concerns over potential security risks linked to the disposal of inkjet printers.
In a security advisory published on Monday, the company said it discovered a flaw in specific inkjet printer models where sensitive Wi-Fi connection settings are not adequately erased during the regular initialization process.
The security vulnerability, if exploited, could lead to a breach of user privacy and data security. When the printer is in the hands of third parties, such as during repairs, lending or disposal, unauthorized access to critical Wi-Fi setup information becomes a potential threat.
Read more on Wi-Fi security: Roaming Mantis’ Hacking Campaign Adds DNS Changer to Mobile App
The information stored in a Canon printer differs based on the model and setup but typically encompasses the network SSID, password, network type (WPA3, WEP, etc.), assigned IP address, MAC address and network profile.
To address this issue, Canon has identified specific inkjet printer models affected by the vulnerability and is urging users to take immediate action to minimize the risk.
The scope of Canon printers affected by this problem is vast, encompassing 196 inkjet, business inkjet and large-format inkjet printer models from the E, G, GX, iB, iP, MB, MG, MX, PRO, TR, TS and XK series.
According to the company’s recommendations, users should factory reset these models twice (the second time after having enabled wireless LAN) to ensure the complete deletion of sensitive data.
In case these instructions do not apply to a specific printer model, Canon suggests consulting the operation manual that accompanied the device.
Implementing an additional security measure involves isolating printers on separate networks from valuable assets. This step ensures that even if the network is compromised, attackers won’t be able to access critical devices.
Lastly, it is essential to install any available firmware updates for printer models and deactivate unnecessary services like cloud printing or remote management interfaces.