A number of critical vulnerabilities were found in some Canon
Software

A number of critical vulnerabilities were found in some Canon i-Sensys printers

Several critical vulnerabilities have been discovered in some Canon i-Sensys series printers and MFPs that could potentially allow attackers to gain access to them via the Internet. All firmware of the affected printers up to and including version 3.07 are considered vulnerable.

  Image source: Canon

Image source: Canon

The Canon i-Sensys MF750 and LBP670 Color Laser series printers, as well as several models of the i-Sensys X series (X C1333i, C1333iF, X C1333P) are at risk. Seven security vulnerabilities have been discovered in these printers. In particular, some allow remote execution of arbitrary code, crashing the device, and carrying out denial of service (DoS) attacks. According to the CVSS (Common Vulnerability Scoring System) standard, most of these vulnerabilities are characterized as “critical”. They received a rating of 9.8 out of 10 on the severity scale.

Several organizations took part in discovering these vulnerabilities in Canon printers, including Nguyen Quoc, Team Viettel, ANHTUD, Connor Ford, as well as anonymous cybersecurity researchers.

Until the update that resolves the security issues is installed, owners of these Canon printers are advised not to connect them to the Internet. The manufacturer has already begun releasing new firmware for the affected printers and MFPs. For example, updates are available for device models such as MF754Cdw and MF752Cdw. It is recommended to install new software using fresh installation software Firmware Update Tool V03.09.

About the author

Robbie Elmers

Robbie Elmers is a staff writer for Tech News Space, covering software, applications and services.

Add Comment

Click here to post a comment