CVE-2013-4613

Name of the Vulnerable Software and Affected Versions Canon MG3100 Canon MG5300 Canon MG6100 Canon MP495 Canon MX340 Canon MX870 Canon MX890 Canon MX920 Canon MX922

Description The default configuration of the administrative interface on the affected printers does not require authentication, allowing remote attackers to modify the configuration by visiting the "Advanced page". The vendor has stated that the default setting does not require a password for user convenience, but it can be changed to add a password if users have concerns about third-party access.

Recommendations For each of the affected printer models, change the default setting to add a password to require authentication for accessing the administrative interface.