Service Notice: Canon Laser Printer and Small Office Multifunctional Printer related to cross-site scripting
Article ID: ART180558 | Date published: 12/30/2021 | Date last updated: 12/30/2021
 

Description

Canon U.S.A., Inc. has recently become aware of a potential cross-site scripting vulnerability in the Remote UI feature of the Canon Laser Printers and Small Office Multifunctional Printers listed below. Administrative rights to the product would be necessary to take advantage of this potential vulnerability. (Vulnerability Tracking ID JVN#64806328)

Affected models:
imageCLASS MF Series
MF113W/MF212W/MF217W/MF227DW/MF229DW
MF232W/MF244DW/MF247DW/MF249DW
MF264DW/MF267DW/MF269DW/MF269DW VP
MF4570DN/MF4570DW/MF4770N/MF4880DW/MF4890DW

imageCLASS LBP Series
LBP113W/LBP151DW/LBP162DW

Solution

Support

Firmware download:
Please proceed to https://www.usa.canon.com/support to download the firmware.

Furthermore, if you have not done so already, we recommend that you set up a private IP address for products and create a network environment with a firewall or Wi-Fi router that can restrict network access.

In addition, please check “Regarding security for products connected to a network” in the URL below for other security measures that can be used with your Canon products.

https://global.canon/en/support/security/prd-secu.html

Thank you,
Customer Support
Canon U.S.A., Inc.