Product Advisories

Print This PageEmail This Page

Firmware Update: Canon Laser Printer and Small office Multifunctional Printer related to IP Stack protocol

Thank you for using Canon products.

Canon U.S.A., Inc. has recently been informed (by SCADAfence Ltd.) of a vulnerability related to IP stack protocol (Common Vulnerabilities Exposures ID: CVE-2020-16849), which is used by the Canon Laser Printers and Small Office Multifunctional Printers listed below. Due to this vulnerability, if the printer is connected to a PC, and an unsecured network is in use, a potential exists for unauthorized access to an “Address book” (or fragments of an Address book), and/or an “administrator password” that has been taken through an unsecured network.

We are not aware of any cases of this vulnerability being exploited to cause harm, but to help ensure that our customers can continue to use our products in a secure manner, we are providing you firmware for the following products to address the vulnerability.

Affected Products

imageCLASS MF Series
imageCLASS MF113w
imageCLASS MF229dw
imageCLASS MF226dn
imageCLASS MF216n
imageCLASS MF244dw
imageCLASS MF249dw
imageCLASS MF264dw
imageCLASS MF269dw
imageCLASS MF4890dw
imageCLASS MF4870dn
imageCLASS MF4770n

imageCLASS LBP Series
imageCLASS LBP151dw
imageCLASS LBP162dw

Support
Please click your product from the list above or proceed to https://www.cla.canon.com/cla/en/support to download the firmware.

Furthermore we recommend that you set up a private IP address for products and create a network environment with a firewall or Wi-Fi router that can restrict network access.

Contact Information
Should you have any questions about the announcement, please contact the Authorized Service Facility in your area or you may contact the Call Center within your region.