Canon warns printers might expose sensitive data


Canon has warned customers that some of its inkjet printers may retain Wi-Fi network settings data stored on the device.

The Japanese equipment maker said a flaw in several printer models leads devices to retain sensitive information even after users delete it.

“Sensitive information on the Wi-Fi connection settings stored in the memories of inkjet printers (home and office/large format) may not be deleted by the usual initialization process,” Canon’s advisory said.

The vulnerability, tracked as CP2023-003, affects tens of different Canon printer models, including large-format machines. The list of all affected devices can be found here.

The advisory instructed users to follow several steps to avoid third parties accessing sensitive data after users decommissioned the device.

Printers that are equipped with a “reset all” setting should enable the setting, proceed to enable wireless LAN, and reset all settings one more time. Devices with no “reset all” functionality should reset the LAN setting, enable wireless LAN, and reset the LAN setting again.

Why does printer security matter?

Printers are lucrative targets for attackers, as owners rarely consider printer security. However, as the Cybernews team has proven, it’s possible to hijack tens of thousands of devices simultaneously.

Less high-minded attackers could exploit printer vulnerabilities to access sensitive data. Many organizations use printers to print sensitive, confidential, and classified data. These printers can also store copies of that data in their memory.

Attackers can easily exfiltrate this data by accessing unsecured office printers and using it for blackmail or corporate espionage or simply selling it on the black market of the dark web.

Malicious actors can also take over unsecured printers and incorporate them into botnets to perform DDoS attacks, send spam, and more.

Cybercriminals can use internet-connected printers to gain an initial foothold into the local or corporate networks and find more ways to cause more damage to unsuspecting victims.


More from Cybernews:

After talking to security expert, I deleted all Chrome extensions: they see everything

NoName hacker group targets Italy's top-tier banks

Meta ends news access for Canadian Facebook, Instagram users

Volvo owner Geely to release its own AI model

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked