iStock_80038439_XXXLARGE

Canon Security

On this page you will find important information regarding Canon security


Fraudulent Store Warning


It has come to our attention that there are several websites claiming to offer significantly discounted Canon products at 90% off or more. These websites are designed to look like our official Canon Store and we believe they are not legitimate, aimed only at confusing and deceiving our customers into sharing personal and financial data. We advise our customers to be vigilant when shopping online with Canon and other retailers.


To recognise the official Canon online store, all Canon stores across Europe have a similar domain name: https://store.canon.xx
The final characters change per each country. For example: https://store.canon.fr & https://store.canon.co.uk.

Latest News

Regarding vulnerability measure against buffer overflow for Laser Printers and Small Office Multifunction Printers (CVE-2022-43608) – 25 November 2022

Multiple cases of buffer overflow vulnerabilities have been identified with Canon Laser Printers and Small Office Multifunctional Printers. A list of affected models is given below.

Whilst we have not received any reports of exploitation, we recommend that you upgrade your device firmware to the latest version.

This vulnerability suggests that if a product is connected directly to the Internet without using a wired or Wi-Fi router, a third party on the Internet could execute arbitrary code or the product could be subjected to a Denial-of Service (DoS) attack.

We do not recommend connecting directly to the Internet – please use a private IP address on a secure private network configured via a firewall or wired/WiFi router. Please see www.canon-europe.com/support/product-security for ‘security for product connected to a network.’

We will continue to further strengthen our security measures to ensure that you can continue using Canon products with peace of mind. If the vulnerability is identified in other products, we will update this article.

The Laser Printers and Small Office Multifunction Printers which could be affected include:


i-SENSYS LBP621Cw, LBP623Cdw
i-SENSYS LBP633Cdw, LBP664Cx
i-SENSYS MF641Cw, MF643CDW, MF645Cx
i-SENSYS MF742CDW, MF744CDW, MF746CDW
i-SENSYS X C1127i, C1127iF
i-SENSYS X C1127P

Please visit Support for firmware, software and product support information.

Canon would like to thank the following researcher for identifying this vulnerability.

  • CVE-2022-43608: Angelboy (@scwuaptx) from DEVCORE Research Team working with Trend Micro's Zero Day Initiative
 

Regarding vulnerability measure against buffer overflow for Laser Printers and Small Office Multifunction Printers – 09 August 2022

Multiple cases of buffer overflow vulnerabilities have been identified with Canon Laser Printers and Small Office Multifunctional Printers. Related CVEs are: CVE-2022-24672, CVE-2022-24673 and CVE-2022-24674. A list of affected models is given below.

Whilst we have not received any reports of exploitation, please upgrade the device firmware to the latest version.

This vulnerability suggests the possibility that if a product is connected directly to the Internet without using a wired or Wi-Fi router, a third party on the Internet may execute arbitrary code or the product could be subjected to Denial-of Service (DoS) attack.

We do not recommend connecting directly to the Internet – please use a private IP address on a secure private network configured via a firewall or wired/WiFi router. Please see www.canon-europe.com/support/product-security for ‘security for product connected to a network.’

We will continue to work to further strengthen security measures to ensure that you can continue using Canon products with peace of mind. If vulnerabilities are identified in other products, we will immediately update this article.

The Laser Printers and Small Office Multifunction Printers, which require the countermeasure:


imageRUNNER 1133, 1133A, 1133iF3
imageRUNNER 1435, 1435i, 1435iF, 1435P
imageRUNNER 1643i II, 1643iF II
imageRUNNER 1643i, 1643iF
imageRUNNER C1225, C1225iF
imageRUNNER C1325iF, C1335iF, C1335iFC
imageRUNNER C3025, C3025i
imageRUNNER C3125i
i-SENSYS LBP214dw, LBP215x
i-SENSYS LBP223dw, LBP226dw, LBP228x
i-SENSYS LBP233dw, LBP236dw
i-SENSYS LBP251dw, LBP252dw, LBP253x
i-SENSYS LBP611Cn, LBP613Cdw
i-SENSYS LBP621Cw, LBP623Cdw
i-SENSYS LBP631Cw, LBP633Cdw
i-SENSYS LBP653Cdw, LBP654x
i-SENSYS LBP663Cdw, LBP644Cx
i-SENSYS MF411dw, MF416dw, MF418x, MF419x
i-SENSYS MF421dw, MF426dw, MF428x, MF429x
i-SENSYS MF443dw MF445dw, MF446x, MF449x
i-SENSYS MF453dw, MF455dw
i-SENSYS MF512x, MF515x
i-SENSYS MF542x, MF543x
i-SENSYS MF552dw, MF553dw
i-SENSYS MF6140dn, MF6180dw
i-SENSYS MF623Cn, MF628Cw
i-SENSYS MF631Cn, MF633Cdw, MF635Cx
i-SENSYS MF641Cw, MF643Cdw, MF645Cx
i-SENSYS MF651Cw, MF655Cdw, MF657Cdw
i-SENSYS MF724Cdw, MF728Cdw, MF729Cx
i-SENSYS MF732Cdw, MF734Cdw, MF735Cx
i-SENSYS MF742Cdw, MF 744Cdw, MF746Cx
i-SENSYS MF8230Cn, MF8230Cw
i-SENSYS MF8540Cdn, MF8550Cdn, MF8580Cdw
i-SENSYS X 1238i II, 1238iF II
i-SENSYS X 1238i, 1238iF
i-SENSYS X 1238Pr II, 1238P II
i-SENSYS X 1238Pr, 1238P
i-SENSYS X C1127i, C1127iF
i-SENSYS X C1127P
WG7440, 7450, 7450F, 7450Z
WG7540, 7550, 7550F, 7550Z

Please visit Support for firmware, software and product support information.

CANON would like to thank the following people for identifying this vulnerability.

  • CVE-2022-24672: Mehdi Talbi (@abu_y0ussef), Remi Jullian (@netsecurity1), Thomas Jeunet (@cleptho), from @Synacktiv working with Trend Micro's Zero Day Initiative
  • CVE-2022-24673: Angelboy (@scwuaptx) from DEVCORE Research Team working with Trend Micro's Zero Day Initiative
  • CVE-2022-24674: Nicolas Devillers ( @nikaiw ), Jean-Romain Garnier and Raphael Rigo ( @_trou_ ) working with Trend Micro's Zero Day Initiative
 

Spring4Shell vulnerability (CVE-2022- 22965, CVE-2022-22947, CVE-2022- 22950, CVE-2022-22963) – Updated 28 April 2022

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. The malicious class file can do virtually anything: leak data or secrets, launch other software such as ransomware, mine cryptocurrencies, introduce backdoors or create a steppingstone further into a network.

https://cpp.canon/products-technologies/security/latest-news/

The goal of this page is to list the Canon Production Printing (CPP) products that may be impacted by the following CVE reports:

  • CVE-2022-22947
  • CVE-2022-22950
  • CVE-2022-22963
  • CVE-2022-22965

The table below gives the vulnerability status for the Canon Production Printing hardware and software products listed. Please check back regularly to be informed regarding the updated status.

Products assessed and status

CTS – Cutsheet and Toner Systems / Inkjet Sheetfed Press

Products

Status

PRISMAsync print server based products

Not impacted

varioPRINT 140 series

Not impacted

varioPRINT 6000 series

Not impacted

varioPRINT i-series

Not impacted

varioPRINT iX-series

Not impacted

Service Control Station (SCS) for VPi300 series and VPiX series

Not impacted

Tablet for VPi300 series and VPiX series

Not impacted

PRISMAsync i300/iX Simulator

Not impacted

PRISMAprepare V6

Not impacted

PRISMAprepare V7

Not impacted

PRISMAprepare V8

Not impacted

PRISMAdirect V1

Not impacted

PRISMAprofiler

Not impacted

PRISMA Cloud

PRISMA Home

PRISMAprepare Go

PRISMAlytics Accounting

Not impacted


PPP – Production Printing Products

Products

Status

ColorStream 3×00

ColorStream 3x00Z

Not impacted

Colorstream 6000

Not impacted

ColorStream 8000

Not impacted

ProStream 1×00

Not impacted

LabelStream 4000 series

Not impacted

ImageStream

Not impacted

JetStream V1

JetStream V2

Not impacted

VarioStream 4000

Not impacted

VarioStream 7000 series

Not impacted

VarioStream 8000

Not impacted

PRISMAproduction Server V5

Not impacted

PRISMAproduction Host

Not impacted

PRISMAcontrol

Not impacted

PRISMAspool

Not impacted

PRISMAsimulate

New version available*

TrueProof

Not impacted

DocSetter

Not impacted

DPconvert

Not impacted

* Please contact your local Canon service representative

LFG – Large Format Graphics

Products

Status

Arizona series

under investigation

Colorado series

Not impacted

ONYX HUB

under investigation

ONYX Thrive

under investigation

ONYX ProductionHouse

under investigation


TDS – Technical Documentation Systems

Products

Status

TDS series

Not impacted

PlotWave series

Not impacted

ColorWave series

Not impacted

Scanner Professional

Not impacted

Driver Select, Driver Express, Publisher Mobile

Not impacted

Publisher Select

Not impacted

Account Console

Not impacted

Repro Desk

Not impacted


Service & Support Tools

Products

Status

On Remote Service

Not impacted


 

RSA key generation vulnerability for Enterprise/Small Office Multifunction Printers, Laser Printers and Inkjet Printers – 04 April 2022

A vulnerability had been confirmed in the RSA key generating process in the Cryptographic library mounted on Canon’s Enterprise/Small Office Multifunction Printers and Laser Printers/Inkjet Printers. A full list of affected products is included below.

The risk of this vulnerability is the possibility of private key for RSA public key being estimated by someone, due to issues in the generation process of RSA key pair.
If the RSA key pair is used for TLS or IPSec, is generated by a Cryptographic library with this vulnerability, this RSA public key could be taken by a third party or even be falsified.

We have not received any incident reports regarding this vulnerability so far and users can rest assured if firmware on the impacted products is being resolved

Where the RSA key pair had been created by the Cryptographic library with this vulnerability, additional steps are required after the firmware update. Depending on the affected, refer to Steps to check the key and measure to be taken described below to take a correct action.

In addition, do not connect the products directly to the internet, but use firewall, wire connected environment or securely protected private network environment if using Wi-Fi router. Set a private IP address as well.

For details, please refer to Securing products when connecting to a network.

Enterprise/Small Office Multifunction Printers and Laser Printers/Inkjet Printers, which require the measure.

imagePROGRAF TZ-30000
imagePROGRAF TX-4100/3100/2100
iPR C165/C170
iR 1643i II, iR 1643iF II
iR 2425
iR 2645/2635/2630
iR-ADV 4551/4545/4535/4525
iR-ADV 4551Ⅲ/4545 Ⅲ/4535 Ⅲ/4525 Ⅲ
iR-ADV 4725/4735/4745/4751
iR-ADV 527/617/717
iR-ADV 6000
iR-ADV 6575/6565/6560/6555
iR-ADV 6575Ⅲ/6565Ⅲ/6560Ⅲ
iR-ADV 6755/6765/6780
iR-ADV 6855/6860/6870
iR-ADV 715/615/525
iR-ADV 715Ⅲ/615Ⅲ/525Ⅲ
iR-ADV 8505/8595/8585
iR-ADV 8505Ⅲ/8595Ⅲ/8585Ⅲ
iR-ADV 8705/8705B/8795
iR-ADV C256Ⅲ/C356Ⅲ
iR-ADV C257/C357
iR-ADV C3530/C3520
iR-ADV C3530Ⅲ/C3520Ⅲ
iR-ADV C355/255
iR-ADV C356/256
iR-ADV C3730/C3720
iR-ADV C3830/C3826/C3835
iR-ADV C475Ⅲ
iR-ADV C477/C478
iR-ADV C5560/5550/5540/5535
iR-ADV C5560Ⅲ/5550Ⅲ/5540Ⅲ/5535Ⅲ
iR-ADV C5760/5750/5740/5735
iR-ADV C5870/C5860/C5850/C5840
iR-ADV C7580/C7570/C7565
iR-ADV C7580Ⅲ/C7570Ⅲ/C7565Ⅲ
iR-ADV C7780/C7770/C7765
iRC3226
i-SENSYS X 1238 II, i-SENSYS X 1238iF II
i-SENSYS X 1238P II, i-SENSYS X 1238Pr II
LBP233Dw, LBP236Dw
LBP631Cw, LBP633Cdw
MF 453dw, MF455dw
MF552dw, MF553dw
MF651dw, MF655Cdw, MF657Cdw
PRO-G1/PRO-300,PRO-S1/PRO-200
imagePROGRAF GP-200/300/2000/4000
MAXIFY GX6040
MAXIFY GX6050
MAXIFY GX7040
MAXIFY GX7050
MF830Cx, MF832Cx, MF832Cdw, iR C1533, C1538
LBP720Cx/LBP722Cx/LBP722Ci/LBP722Cdw/C1533P/C1538P

Steps to check and resolve for Inkjet Printers key

Please visit Support for firmware, software and product support information.

 

“Log4j” RCE [CVE-2021-44228], “Log4j” RCE [CVE-2021-45046] and “Log4j” DOS [CVE-2021-45105] vulnerabilities – 12 January 2022

We are currently in the process of investigating the impact of the ‘Log4j’ https://logging.apache.org/log4j/2.x/security.html vulnerability on Canon products. As information comes to light, we will update this article.

The table below gives the vulnerability status for the hardware and software products listed. Please check back regularly.

Product

Status/Statement

Canon

• imageRUNNER

• imageRUNNER ADVANCE

• imagePRESS

• i-SENSYS

• i-SENSYS X

• imagePROGRAF

• imageFORMULA

These devices are not affected.

Canon

• imageWARE Management Console

• imageWARE Enterprise Management Console

• eMaintenance Optimiser

• eMaintenance Universal Gateway

• Canon Data Collection Agent

• Remote Support Operator Kit

• Content Delivery Service

• Device Settings Configurator

• Canon Reporting Service Online

• OS400 Object Generator

• CQue Driver

• SQue Driver

Software not affected.

Canon Production Printing

• PRISMA Cutsheet and Toner systems

• Continuous Printing

• Large Format Graphics

• Technical Document Systems

https://cpp.canon/products-technologies/security/latest-news/

NT-ware

• uniFLOW

• uniFLOW Online

• uniFLOW Online Express

• uniFLOW sysHub

• PRISMAsatellite

https://www.uniflow.global/en/security/security-and-maintenance/

Avantech

• Scan2x

• Scan2x Online

Scan2x statement on Log4J vulnerability - scan2x

Cirrato

• Cirrato One

• Cirrato Embedded

Not affected.

Compart

• DocBridge Suite

Information - Compart

Docspro

• Import Controller

• XML Importer

• Email Importer

• Knowledge Base

• Universal Test Release

• Advanced PDF Creator

• Webservice Export Connector

Not affected.

Docuform

• Mercury Suite

Not affected.

Doxsense

• WES Pull Print 2.1

• WES Authentication 2.1

Not affected.

EFI

• Fiery

https://communities.efi.com/s/feed/0D55w00009ARpbxCAD?language=en_US

Genius Bytes

• Genius MFP Canon Client

Log4j Zero Day Vulnerability - Genius Bytes

Not affected

IRIS

• IRISXtract

• IRISPowerscan

• Readiris PDF 22

• Readiris 16 & 17

• Cardiris

• IRISPulse

IRIS-Statement-Log4J_20141217.pdf (irisdatacapture.com)

Kantar

• Discover Assessment Web Survey

Not affected.

Kofax

• PowerPDF

• eCopy ShareScan

• Robotic Process Automation

• Kofax Communication Manager Solution

Kofax products and Apache Log4j2 vulnerability information - Kofax

Not affected.

Until the ShareScan patches are ready, follow the steps in the ShareScan and Log4j vulnerability (CVE-2021-44228) - Kofax article.

Patches are available. See Kofax RPA CVE-2021-44228 log4j Security Exploit Information article.

Patches are available. See log4j vulnerability in Kofax Communications Manager article.

Netaphor

• SiteAudit

SiteAudit Vulnerability Exposure | Netaphor SiteAudit(TM) Knowledgebase

Netikus

• EventSentry

Is EventSentry affected by the Log4Shell Log4j RCE CVE-2021-44228 | EventSentry

Newfield IT

• Asset DB

Not affected.

Objectif Lune

• Connect

Past versions of Objectif Lune Connect used the log4j module, but it was removed from the software with the release of Objectif Lune Connect 2018.1. So as long as you are running a version of Objectif Lune Connect that is 2018.1 or later, the vulnerability is not present.

OptimiDoc

• OptimiDoc

OptimiDoc | Log4j information

Overall

• Print In City

Not affected.

PaperCut

• PaperCut

Log4Shell (CVE-2021-44228) - How is PaperCut Affected? | PaperCut

Paper River

• TotalCopy

Not affected.

Ringdale

• FollowMe Embedded

Not affected.

Quadient

• Inspire Suite

Quadient University Log4J Information for Existing Customers

T5 Solutions

• TG-PLOT/CAD-RIP

Not affected.

Therefore

• Therefore

• Therefore Online

https://therefore.net/log4j-therefore-unaffected/

Westpole

• Intelligent Print Management

Not affected.

 

Cross-site scripting vulnerability for laser printers and multifunction devices for small offices – 11 January 2022

A cross-site scripting vulnerability has been identified in the Remote UI function of Canon laser printers and multifunction devices for small office – see the affected models below (vulnerability identification number: JVN # 64806328).

For this vulnerability to be exploited, it is necessary for the attacker to be in the administrator mode. Whilst there have been no reports of data loss, we advise installing the latest firmware to enhance security. Updates can be found at https://www.canon-europe.com/support/.

We also recommend that a private IP address is set and a network environment ensuring that connection is established through a firewall or Wi-Fi router that can restrict network access. Please see https://www.canon-europe.com/support/product-security/ for more details of security measures when connecting devices to a network.

Affected products:

iSENSYS

LBP162DW
LBP113W
LBP151DW<
MF269dw, MF267dw, MF264dw
MF113w
MF249dw, MF247dw, MF244dw, MF237w, MF232w
MF229dw, MF217w, MF212w
MF4780w, MF4890dw

imageRUNNER

2206IF
2204N, 2204F
 

Windows Print Spooler Remote Code Execution Vulnerability – Updated 16 November 2021

A vulnerability with Microsoft Windows Print Spooler was discovered earlier this year, which has been referred to as “PrintNightmare”. The vulnerability allows hackers to take control users' Windows systems under certain conditions.

While this may affect the users of Canon devices, this is the result of a flaw within Microsoft software rather than any issue with Canon's products or software. Specifically, the issue lies with the print spooler functionality which is installed on every Windows Server and Windows desktop.

Microsoft announced that these vulnerabilities were resolved within the Microsoft July 6th Security Update, available through Windows Update or by downloading and installing KB5004945. Microsoft recommends that IT teams apply this update immediately to help prevent intrusions related to these vulnerabilities. For full information from Microsoft on the matter, please visit https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

In addition to Microsoft’s advice to install the updates, we also recommend you secure your system by confirming that the following registry settings are set to 0 (zero) or are not defined (Note: these registry keys do not exist by default, and therefore are already at the secure setting). You should also check that your Group Policy settings are correct:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
  • NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)
  • UpdatePromptSettings = 0 (DWORD) or not defined (default setting)

Having the ‘NoWarningNoElevationOnInstall’ registry key set to 1 reduces your system security posture.

We advise that your IT team continues to monitor the Microsoft support site to ensure that all applicable underlying operating system patches are applied.

You might also need...