Vulnerability of Fax Protocol
Recently, researchers reported on vulnerabilities found in the communication protocols in the fax functions
of certain products. (CVE-ID: CVE-2018-5924, CVE 2018-5925)
For information regarding the impact of these vulnerabilities on Canon products equipped with fax functions,
please see below:
Based on our review, as they do not employ the color G3 Fax Protocol exploited by these vulnerabilities, the
following products are unaffected:
imageRUNNER/iR, imageRUNNER ADVANCE, LASER CLASS, imagePRESS, FAXPHONE, GP and
imageCLASS/i-SENSYS series models equipped with fax functions.
MAXIFY and PIXMA series products equipped with fax functions do make use of the Color G3 Fax Protocol.
However, we have not identified any risk of malicious code being executed via the fax circuit or risk to the
security of information saved on these devices.
We will continue to monitor this situation and take appropriate action necessary to help ensure the security
of our devices.