
Web Advisory: Digital multifunction printer vulnerability

This web advisory concerns specific Canon digital multifunction printers and a potential vulnerability through their FTP servers. By taking the correct action outlined below, customers can be assured that the potential vulnerability described will be avoided. Canon’s commitment to customer satisfaction is always paramount and we apologise for any inconvenience resulting from this issue.

The vulnerability in question is known as "FTP bounce." In its simplest terms, this vulnerability is based on the potential misuse of the PORT command in the FTP protocol. For certain devices, a malicious user could potentially exploit this vulnerability to create a connection between the FTP server and other systems on another port. Through this, such a user may be able to scan networks that they would not otherwise have access to and be able to conceal the true origin of an attempt to do this. It should be noted that despite this, information in the network host cannot be obtained or sent via affected machines.
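The check that an FTP server or a log reviewer can apply to PORT commands to refuse bounce attempts, shown as an added example that is not Canon's code and not part of the original advisory. The sample session, addresses and function names are constructed for illustration; the two rules (the data address must equal the control-connection peer, and the port must not be below 1024) follow the general hardening guidance in RFC 2577.

```python
import ipaddress

# Constructed sample: (control-connection peer IP, FTP command line) pairs.
SAMPLE_SESSION = [
    ("192.0.2.10", "USER anonymous"),
    ("192.0.2.10", "PORT 192,0,2,10,195,80"),  # data connection back to the client itself
    ("192.0.2.10", "PORT 10,0,0,5,0,22"),      # names a third-party host
    ("192.0.2.10", "PORT 192,0,2,10,0,80"),    # own address, but port below 1024
    ("192.0.2.10", "PORT 10,0,0,300,1,1"),     # malformed octet
]

def parse_port_argument(arg):
    """Decode 'h1,h2,h3,h4,p1,p2' into (IPv4Address, port); ValueError if malformed."""
    fields = arg.strip().split(",")
    if len(fields) != 6 or not all(f.strip().isdigit() for f in fields):
        raise ValueError("PORT argument must be six decimal fields")
    nums = [int(f) for f in fields]
    if any(n > 255 for n in nums):
        raise ValueError("PORT field out of range 0-255")
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]

def check_port_command(peer_ip, line):
    """Return None for non-PORT commands, otherwise an allow/reject verdict."""
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        return None
    try:
        host, port = parse_port_argument(arg)
    except ValueError:
        return "reject: malformed"
    # FTP bounce relies on the server connecting to a host other than the client.
    if host != ipaddress.IPv4Address(peer_ip):
        return "reject: third-party address"
    # Well-known service ports are never legitimate FTP data ports.
    if port < 1024:
        return "reject: privileged port"
    return "allow"

def audit(session):
    """Apply the check to every (peer, command) pair of a recorded session."""
    return [check_port_command(peer, line) for peer, line in session]

if __name__ == "__main__":
    for (peer, line), verdict in zip(SAMPLE_SESSION, audit(SAMPLE_SESSION)):
        print(peer, line, "->", verdict)
```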

If you have any of the following products, please follow the steps below to clear this vulnerability.

Product Name

o iR C2620/C2620N/C3220/C3220N
o iR 6800C/6800CN/5800C/5800CN
o iR 3170C/3170Ci/2570C/2570Ci
o iR 3180C, iR3180Ci
o iR C5870/C5870i/C6870/C6870i
o iR C5880/C5880i/C6880/C6880i
o iR C5185i/CLC5151/C4580i/CLC4040/C4080i
o iR C2880/C2880i/C3380/C3380i
o iR C2380i
o iR 2270/2870/3570/4570
o iR 2230/3530
o iR 6570/5570
o iR 3025/3025N/3035/3035N/3045/3045N
o iR 5055/5055N/5065/5065N/5075/5075N
o iR 8070/9070/105+/85+
o iR 7086/7095/7105/7095P
o imagePRESS C1
o LBP5960
o i-SENSYS LBP5360
o i-SENSYS LBP3360
o i-SENSYS LBP3460


Steps to take to clear vulnerability

The following steps should guide you through changing your own device settings; however, please contact your local service and support company if you require further help.
o For customers who do not use FTP print (*1)

1. On the user interface of the Canon digital multifunction copier, navigate to Additional Functions -> System Settings -> Network Settings -> TCP/IP Settings -> FTP print.
2. Set the FTP print to OFF.

o For customers who do use FTP print (*1)

1. On the user interface of the Canon digital multifunction copier, navigate to Additional Functions -> System Settings -> Network Settings -> TCP/IP Settings -> FTP print.
2. Set "user name" and "password" for the FTP print.

*1: FTP print is a print method that uses the FTP command. This command is not used for printing from the printer driver.


Notes
Canon Inc. would like to thank Nate Johnson and the Indiana University for finding and reporting this vulnerability to Canon U.S.A., Inc.
