Connect with us

Hi, what are you looking for?


Mobile & Wireless

200 Canon Printer Models May Expose Wi-Fi Connection Data

Canon says more than 200 inkjet printer models fail to properly erase Wi-Fi configuration settings.

Japanese imaging and optical products giant Canon on Monday warned that more than 200 of its inkjet printer models fail to properly erase Wi-Fi configuration settings.

The issue, the company says, impacts both home and office printer series, and could potentially lead to the exposure of sensitive information.

Printer owners might need to delete the Wi-Fi settings from the printer’s memory when sending the device to repair or when disposing of it.

However, because the impacted models do not properly erase this information, third-parties could extract it and potentially abuse it for nefarious purposes, such as gaining unauthorized access to internal networks.

“Sensitive information on the Wi-Fi connection settings stored in the memories of inkjet printers (home and office/large format) may not be deleted by the usual initialization process,” Canon says in its advisory.

Canon has provided a list of more than 200 printer models that are affected by this vulnerability. Approximately 60 models are large-format inkjet printers typically used by businesses.

The company recommends that, when sending one of these printers to repair, lending it, or disposing of it, users perform a full reset of all settings, then turn the wireless LAN on and reset all settings once more.

Advertisement. Scroll to continue reading.

For models that do not have the ‘reset all settings’ function, users should reset LAN settings, enable wireless LAN, and then reset those settings once again.

It is unclear whether firmware updates will be released to address this issue. SecurityWeek has emailed Canon for an official statement on the matter.

Update: Canon U.S.A., Inc. provided the following statement to SecurityWeek:

“The notice on was released proactively to alert customers, including steps to address.  New firmware will be released as soon as it is available.”

Related: Critical Vulnerability Impacts Over 120 Lexmark Printers

Related: Many Vulnerabilities Found in PrinterLogic Enterprise Software

Related: Canon Says Data Stolen in August 2020 Ransomware Attack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.