Canon Group
Close Close
Canon Finance logo | Canon Australia
Canon Finance Finance the latest technology for your business when you need it. Visit
Canon Professional Services logo | Canon Australia
Canon Professional Services Join our network of professionals and support services with a CPS membership. Visit
Canon Business Services Discover our range of business services with Canon Business Services. Visit
Converga logo | Canon Australia
Converga Optimise business processes and access technology to focus on what’s important. Visit
Products
Get Inspired
Support
Canon for Business
search
About Canon
Contact us
Menu Menu Close Close Search

Security advisory for Canon Laser Printers and Small office Multifunctional Printers related to IP Stack protocol

30th September 2020

This advisory relates to the below listed Canon devices:
MF229DW / MF249DW / MF269DW
MF4420N
MF4550D / MF4570DN / MF4570DW / MF4580DN / MF4580DW
• MF4980DW

Thank you very much for using Canon Products.

A cyber security company headquartered in Israel, SCADAfence Ltd., has drawn our attention to a vulnerability related to IP stack protocol, which is used by Canon Laser Printers and Small office Multifunctional Printers. (CVE-2020-16849)

The reported vulnerability does not exist when:
• HTTPS is used for the communication of Remote UI, the vulnerability is not present since data is encrypted
• A private IP address is set and a network environment with a firewall or Wi-Fi router that can restrict access.

In an environment not protected by the above, due to the IP stack protocol vulnerability there is potential for a third-party attack on the printers, if connected to a PC on an unsecured network. This vulnerability is limited to fragmented “Address book” or/and “administrator password” only.

At this point in time, there have been no confirmed cases of these vulnerabilities being exploited to cause harm, but in order to ensure that our customers can use our products securely, we recommend that you update the firmware for the products listed above.

We have outlined a number of security measures to ensure customers can continue to use their Canon products in a more secure way, please check “Regarding security for products connected to a network” here.

Share this page