Service Notice: Canon Laser Printer and Small Office Multifunctional Printer related to IP Stack protocol
Canon U.S.A., Inc. has recently been informed (by SCADAfence Ltd.) of a vulnerability related to IP stack protocol (Common Vulnerabilities Exposures ID: CVE-2020-16849), which is used by the Canon Laser Printers and Small Office Multifunctional Printers listed below. Due to this vulnerability, if the printer is connected to a PC, and an unsecured network is in use, a potential exists for unauthorized access to an “Address book” (or fragments of an Address book), and/or an “administrator password” that has been taken through an unsecured network.
We are not aware of any cases of this vulnerability being exploited to cause harm, but to help ensure that our customers can continue to use our products in a secure manner; we are providing you firmware for the following products to address the vulnerability.Affected models
imageCLASS MF Series
imageCLASS LBP Series
Please proceed to https://www.usa.canon.com/support to download the firmware.
Furthermore, we recommend that you set up a private IP address for products and create a network environment with a firewall or Wi-Fi router that can restrict network access.
We have outlined a number of security measures to help ensure customers can continue to use their Canon products in a more secure way. Please check “Regarding security for products connected to a network” in the URL below.https://global.canon/en/support/security/prd-secu.html
Canon Customer Support
Canon U.S.A., Inc.
Support options and hours of operation: www.usa.canon.com/support