Canon Inc. Addresses Security Flaw in Production and Office Printers
AI-generated from multiple sources. Verify before acting on this reporting.
TOKYO (AP) — Canon Inc. has identified a security vulnerability affecting its Production Printers and Office Multifunction Printers that could allow unauthorized information disclosure. The flaw, discovered on May 11, 2026, stems from the handling of untrusted inputs during security decision processes, a weakness classified as CWE-807. The issue impacts devices deployed globally.
The vulnerability allows attackers to potentially access sensitive data processed by the affected printers. Canon stated that the flaw exists in the way the devices process certain inputs, which could be exploited to bypass security controls. The company has confirmed that the issue affects a range of its production and office multifunction models used in enterprise and commercial environments.
Canon has not specified the exact number of devices affected or the specific models involved in the initial disclosure. The company is working to develop and distribute security patches to address the vulnerability. Users are advised to update their firmware as soon as updates become available to mitigate potential risks.
The discovery of the flaw highlights ongoing cybersecurity challenges for networked hardware. Printers and multifunction devices often serve as entry points for network attacks due to their connectivity and the sensitive data they handle. Security experts have long warned that such devices require regular updates and robust security configurations to prevent exploitation.
Canon has not provided details on whether any devices have been compromised as a result of this vulnerability. The company is investigating the potential impact and scope of the flaw. Affected organizations are urged to monitor their devices for unusual activity and implement additional security measures until patches are applied.
The vulnerability was identified through routine security assessments. Canon has committed to working with cybersecurity partners to ensure the issue is resolved promptly. The company has also advised customers to review their network security policies and restrict access to printer management interfaces.
As of now, Canon has not released a specific timeline for the availability of patches. The company is prioritizing the development of fixes for the most critical models first. Customers are encouraged to check Canon's official website for updates and guidance on mitigating the risk.
The incident underscores the importance of maintaining up-to-date security protocols for all networked devices. Organizations are reminded to conduct regular security audits and ensure that all devices are patched against known vulnerabilities. The situation remains under review as Canon continues to assess the full extent of the issue.