Canon has recently issued an advisory, alerting users to wipe WiFi data settings from their Inkjet printers. The vendors explained that some inkjet printer models retain WiFi data, that users must reset before abandoning their printers.
Canon Inkjet Printers Require Wiping WiFi Data
According to a recent Canon advisory, a large number of Canon Inkjet printer models exhibit a serious security vulnerability. But the vulnerability doesn’t directly impact the printers’ hardware or firmware. Instead, it exists due to how the printers handle WiFi data.
As explained, Canon Inkjet printers may retain WiFi data even after initialization – the process supposed to restore the printer to its original state.
While initialization usually deletes the saved data and settings successfully, in some select Canon Inkjet printers, sensitive information stored over the WiFi connections may remain stored. Hence, leaving the printers to unauthorized persons, such as repair staff, or selling/discarding the printers poses a security risk as an adversary may access the stored information.
Although this vulnerability affects some select models, it still includes a wide range of printer models. Given the extensive usage of Canon inkjet printers in home and office setups, the vulnerability potentially risks a considerable number of organizations and individual users globally.
To address the issue, Canon has shared a simple mitigation procedure, which includes the following steps.
- Reset all settings (Reset settings ‐> Reset all)
- Enable the wireless LAN
- Reset all settings one more time
Performing these steps before abandoning a printer ensures deleting any stored WiFi data.
For printers lacking the “Reset all” functionality, Canon advises performing the following steps.
- Reset LAN settings
- Enable the wireless LAN
- Reset LAN settings one more time
Users may go through this list to know if their printer(s) exhibit this vulnerability. For vulnerable models, users may follow the respective printers’ instruction manuals to perform the Reset all/Reset LAN settings.
It remains unclear if Canon plans to roll out any firmware updates to address this flaw.
Let us know your thoughts in the comments.