In addition to the previously identified vulnerabilities (CWE-22, CWE-287, and CWE-863), two new vulnerabilities—CWE-78 and CWE-434—have been confirmed. Appropriate countermeasures for these newly identified issues have already been implemented.

Users can work around the vulnerabilities by enabling the printer’s firewall and disabling the WebConfig function if they cannot have the firmware update installed due to specific technical reasons. Please note that the workaround is temporary, and you should ideally remediate the vulnerabilities through the security patch as soon as your situation allows.

• Follow the steps below to apply the workaround. For more information, refer to the “Various Settings of the Product” section in our online user manual.

Go to the printer's Settings menu and click:
Interface > Network > Advanced > Firewall > Enable Disable WebConfig
(Function for viewing or changing printer settings via web browser)
Go to the printer's Settings menu and click:
Interface > Network > Advanced > Firewall > Allow Services and Ports > WebConfig > Disable

For information about the previously identified vulnerabilities, see the notice below:
Technical Advisory: Security Vulnerability Discovered in CL4/6NX Plus Printers

For questions or inquiries, please complete our contact form here.