iStock_80038439_XXXLARGE

Canon Security

On this page you will find important information regarding Canon security


Fraudulent Store Warning


It has come to our attention that there are several websites claiming to offer significantly discounted Canon products at 90% off or more. These websites are designed to look like our official Canon Store and we believe they are not legitimate, aimed only at confusing and deceiving our customers into sharing personal and financial data. We advise our customers to be vigilant when shopping online with Canon and other retailers.


To recognise the official Canon online store, all Canon stores across Europe have a similar domain name: https://store.canon.xx
The final characters change per each country. For example: https://store.canon.fr & https://store.canon.co.uk.

Latest News

“Log4j” RCE [CVE-2021-44228], “Log4j” RCE [CVE-2021-45046] and “Log4j” DOS [CVE-2021-45105] vulnerabilities – 12 January 2022

We are currently in the process of investigating the impact of the ‘Log4j’ https://logging.apache.org/log4j/2.x/security.html vulnerability on Canon products. As information comes to light, we will update this article.

The table below gives the vulnerability status for the hardware and software products listed. Please check back regularly.

Product

Status/Statement

Canon

• imageRUNNER

• imageRUNNER ADVANCE

• imagePRESS

• i-SENSYS

• i-SENSYS X

• imagePROGRAF

• imageFORMULA

These devices are not affected.

Canon

• imageWARE Management Console

• imageWARE Enterprise Management Console

• eMaintenance Optimiser

• eMaintenance Universal Gateway

• Canon Data Collection Agent

• Remote Support Operator Kit

• Content Delivery Service

• Device Settings Configurator

• Canon Reporting Service Online

• OS400 Object Generator

• CQue Driver

• SQue Driver

Software not affected.

Canon Production Printing

• PRISMA Cutsheet and Toner systems

• Continuous Printing

• Large Format Graphics

• Technical Document Systems

https://cpp.canon/products-technologies/security/latest-news/

NT-ware

• uniFLOW

• uniFLOW Online

• uniFLOW Online Express

• uniFLOW sysHub

• PRISMAsatellite

https://www.uniflow.global/en/security/security-and-maintenance/

Avantech

• Scan2x

• Scan2x Online

Scan2x statement on Log4J vulnerability - scan2x

Cirrato

• Cirrato One

• Cirrato Embedded

Not affected.

Compart

• DocBridge Suite

Information - Compart

Docspro

• Import Controller

• XML Importer

• Email Importer

• Knowledge Base

• Universal Test Release

• Advanced PDF Creator

• Webservice Export Connector

Not affected.

Docuform

• Mercury Suite

Not affected.

Doxsense

• WES Pull Print 2.1

• WES Authentication 2.1

Not affected.

EFI

• Fiery

https://communities.efi.com/s/feed/0D55w00009ARpbxCAD?language=en_US

Genius Bytes

• Genius MFP Canon Client

Log4j Zero Day Vulnerability - Genius Bytes

Not affected

IRIS

• IRISXtract

• IRISPowerscan

• Readiris PDF 22

• Readiris 16 & 17

• Cardiris

• IRISPulse

IRIS-Statement-Log4J_20141217.pdf (irisdatacapture.com)

Kantar

• Discover Assessment Web Survey

Not affected.

Kofax

• PowerPDF

• eCopy ShareScan

• Robotic Process Automation

• Kofax Communication Manager Solution

Kofax products and Apache Log4j2 vulnerability information - Kofax

Not affected.

Until the ShareScan patches are ready, follow the steps in the ShareScan and Log4j vulnerability (CVE-2021-44228) - Kofax article.

Patches are available. See Kofax RPA CVE-2021-44228 log4j Security Exploit Information article.

Patches are available. See log4j vulnerability in Kofax Communications Manager article.

Netaphor

• SiteAudit

SiteAudit Vulnerability Exposure | Netaphor SiteAudit(TM) Knowledgebase

Netikus

• EventSentry

Is EventSentry affected by the Log4Shell Log4j RCE CVE-2021-44228 | EventSentry

Newfield IT

• Asset DB

Not affected.

Objectif Lune

• Connect

Past versions of Objectif Lune Connect used the log4j module, but it was removed from the software with the release of Objectif Lune Connect 2018.1. So as long as you are running a version of Objectif Lune Connect that is 2018.1 or later, the vulnerability is not present.

OptimiDoc

• OptimiDoc

OptimiDoc | Log4j information

Overall

• Print In City

Not affected.

PaperCut

• PaperCut

Log4Shell (CVE-2021-44228) - How is PaperCut Affected? | PaperCut

Paper River

• TotalCopy

Not affected.

Ringdale

• FollowMe Embedded

Not affected.

Quadient

• Inspire Suite

Quadient University Log4J Information for Existing Customers

T5 Solutions

• TG-PLOT/CAD-RIP

Not affected.

Therefore

• Therefore

• Therefore Online

https://therefore.net/log4j-therefore-unaffected/

Westpole

• Intelligent Print Management

Not affected.

 

Cross-site scripting vulnerability for laser printers and multifunction devices for small offices – 11 January 2022

A cross-site scripting vulnerability has been identified in the Remote UI function of Canon laser printers and multifunction devices for small office – see the affected models below (vulnerability identification number: JVN # 64806328).

For this vulnerability to be exploited, it is necessary for the attacker to be in the administrator mode. Whilst there have been no reports of data loss, we advise installing the latest firmware to enhance security. Updates can be found at https://www.canon-europe.com/support/.

We also recommend that a private IP address is set and a network environment ensuring that connection is established through a firewall or Wi-Fi router that can restrict network access. Please see https://www.canon-europe.com/support/product-security/ for more details of security measures when connecting devices to a network.

Affected products:

iSENSYS

LBP162DW

LBP113W

LBP151DW

MF269dw, MF267dw, MF264dw

MF113w

MF249dw, MF247dw, MF244dw, MF237w, MF232w

MF229dw, MF217w, MF212w

MF4780w, MF4890dw


imageRUNNER

2206IF

2204N, 2204F

 

Windows Print Spooler Remote Code Execution Vulnerability – Updated 16 November 2021

A vulnerability with Microsoft Windows Print Spooler was discovered earlier this year, which has been referred to as “PrintNightmare”. The vulnerability allows hackers to take control users' Windows systems under certain conditions.

While this may affect the users of Canon devices, this is the result of a flaw within Microsoft software rather than any issue with Canon's products or software. Specifically, the issue lies with the print spooler functionality which is installed on every Windows Server and Windows desktop.

Microsoft announced that these vulnerabilities were resolved within the Microsoft July 6th Security Update, available through Windows Update or by downloading and installing KB5004945. Microsoft recommends that IT teams apply this update immediately to help prevent intrusions related to these vulnerabilities. For full information from Microsoft on the matter, please visit https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

In addition to Microsoft’s advice to install the updates, we also recommend you secure your system by confirming that the following registry settings are set to 0 (zero) or are not defined (Note: these registry keys do not exist by default, and therefore are already at the secure setting). You should also check that your Group Policy settings are correct:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
  • NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)
  • UpdatePromptSettings = 0 (DWORD) or not defined (default setting)

Having the ‘NoWarningNoElevationOnInstall’ registry key set to 1 reduces your system security posture.

We advise that your IT team continues to monitor the Microsoft support site to ensure that all applicable underlying operating system patches are applied.

You might also need...