Extracting data from disposed electronic devices is one of the techniques threat actors use to steal sensitive information about an organization.
This information is then used to gain unauthorized access to the network and compromise it for malicious activities.
Canon is one of the most popular electronics companies, specializing in cameras, printers, and other electronic equipment.
Recent reports from Canon indicate that around 200 models of Canon Inkjet printers store sensitive Wi-Fi connection information which third parties can extract.
Companies often dispose of old, unused, or faulty printers and replace them with new ones.
These printers are either sold in the market or disposed of directly. In some cases, companies have these printers repaired by third-party electronics support providers.
In such cases, the information stored on these printers must be erased before they are handed to a third party for repair or disposed of.
Because printers are part of the network and require information such as the SSID, network configuration, IP addresses of connected systems, and more, they are considered a valuable asset for threat actors who attempt to steal information from them.
Canon provided mitigation steps for clearing all the information from these printers. The affected models do not erase this information automatically, so Canon has provided alternate methods.
Companies that dispose of, lend, or repair their printers are recommended to follow the steps below:
- Reset all settings (Reset settings → Reset all)
- Enable the WLAN and reset all the settings once again
For printers that do not have the reset option:
- Reset LAN settings
- Enable the Wireless LAN
- Reset LAN settings one more time
Canon has released a complete list of affected products that do not delete the information automatically.
Users of these inkjet printers are recommended to follow the above steps to prevent the leaking of sensitive information to third parties. Whether Canon will release patches for this vulnerability is yet to be confirmed.