Canon U.S.A., Inc. has recently been informed (by SCADAfence Ltd.) of a vulnerability related to IP stack protocol (Common Vulnerabilities Exposures ID: CVE-2020-16849), which is used by the Canon Laser Printers and Small Office Multifunctional Printers listed below. Due to this vulnerability, if the printer is connected to a PC, and an unsecured network is in use, a potential exists for unauthorized access to an “Address book” (or fragments of an Address book), and/or an “administrator password” that has been taken through an unsecured network.
We are not aware of any cases of this vulnerability being exploited to cause harm, but to help ensure that our customers can continue to use our products in a secure manner; we are providing you firmware for the following products to address the vulnerability.
imageCLASS MF Series
imageCLASS LBP Series