Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

Canon warns that sensitive data on the Wi-Fi connection settings stored in the memories of inkjet printers may not be deleted during initialization.

Canon warns that sensitive information on the Wi-Fi connection settings stored in the memories of home and office/large format inkjet printers may not be deleted by the usual initialization process.

When a printer passes into the hands of a third party, such as when it is repaired, lent, sold or disposed of, the user's information may be exposed.

The information stored in a Canon printer depends on the specific model; however, almost any model stores the network SSID, the password, network type (WPA3, WEP, etc.), MAC address, and IP address.

The list of affected Inkjet printers and business Inkjet printers is available here.

Once in possession of the sensitive Wi-Fi connection information, a threat actor can gain access to the network that hosted the printer and carry out a broad range of malicious activities.

Canon provided the following instructions to mitigate the issue by wiping the Wi-Fi settings:

  1. Reset all settings (Reset settings ‐> Reset all)
  2. Enable the wireless LAN
  3. Reset all settings one more time

For models that do not have the ‘Reset all’ function in the settings menu, users can use the following procedure:

  1. Reset LAN settings
  2. Enable the wireless LAN
  3. Reset LAN settings one more time

Security researchers also recommend network segmentation: placing the printer on a separate, dedicated network segment. This isolates it from sensitive systems and data, reducing the impact of a compromise.

Set up strong authentication mechanisms for printer access, such as complex passwords or multi-factor authentication (MFA). Keep the printer’s firmware and software up to date, and disable any services or protocols on the printer that are not required for its intended function.

Of course, change default passwords immediately after installation and conduct periodic security audits of the printer’s settings and configurations.

Pierluigi Paganini

(SecurityAffairs – hacking, printer)