In a new security alert to customers this week, Canon Inc. said it had uncovered a vulnerability in 196 of its inkjet printer models - including some wide format printers - where Wi-Fi connection settings are not deleted by the usual initialization process.
In an advisory note titled, Vulnerability Mitigation/Remediation for Inkjet Printers (Home and Office/Large Format), Canon said the security vulnerability could lead to a breach of user privacy and data security, “when your printer may be in the hands of any third party, such as when repairing, lending or disposing the printer.”
The full Canon statement reads:
Description
Sensitive information on the Wi-Fi connection settings stored in the memories of inkjet printers (home and office/large format) may not be deleted by the usual initialization process.
Affected Products/Versions
Please check the affected inkjet printer models from here.
Mitigation/Remediation
When your printer may be in the hand of any third party, such as when repairing, lending or disposing the printer, take the following steps from the printer unit:
Reset all settings (Reset settings ‐> Reset all)
Enable the wireless LAN
Reset all settings one more time.
For models that do not have the Reset all settings function, take the following steps:
Reset LAN settings
Enable the wireless LAN
Reset LAN settings one more time
Please refer to the operation manual of relevant model for specific Reset all or Reset LAN settings.
