"Canon Warns of Wi-Fi Security Risks When Discarding Inkjet Printers"

Canon is warning users of home, office, and large-format inkjet printers that the Wi-Fi connection settings stored in the devices' memories are not wiped during initialization, enabling access to the data for others. This vulnerability could pose a security and privacy risk to affected users if the printer memory is extracted by repair technicians, temporary users, or future buyers of the devices, allowing them to get their Wi-Fi network's connection information. Depending on the model and configuration, the information stored in a Canon printer may include the network SSID, password, network type, assigned IP address, MAC address, and network profile. This sensitive Wi-Fi connection information could help a malicious third party gain unauthorized access to a Canon printer user's network to which the printer was connected. The attacker can then access shared resources, steal data, or execute other privacy-invading attacks exploiting additional vulnerabilities. This article continues to discuss the Wi-Fi security risks that arise when discarding inkjet printers.

Bleeping Computer reports "Canon Warns of Wi-Fi Security Risks When Discarding Inkjet Printers"