Canon Group
Close Close
Menu Menu Close Close Search

Security Advisory - Potential Apache Log4j Vulnerability

21st December 2021

Canon is committed to protecting our customers’ data security and as a part of that commitment we would like to advise of a potential risk to security.

Recently, a vulnerability (CVE-2021-44228) has been made public with regard to Apache Log 4j as an open source software, which is released by the Apache Software Foundation. This vulnerability could allow an attacker to execute arbitrary code remotely.

We have already started investigating the impact of this vulnerability on Canon products and services widely.

So far, we have not found any Canon products and services affected by this vulnerability. This includes,

  • Canon Hardware products
    • Business
    • Consumer
    • Medical
  • Therefore ™ and Therefore™ Online
  • IRIS
  • uniFLOW and uniFLOW Online
  • EFI
  • eMaintenance
  • IW Desktop
  • IW Account Manager for MEAP
  • IW Secure Audit Manager (SAM)

We have already started investigating the impact of this vulnerability on Canon products and services widely.

We have found a small number of third-party products require workarounds or patches be put in place. See list and links to vendor information below:

If we find that there will be an impact on other Canon products and services, we will update this page with the information.

Should you require further information regarding this advice, please contact us.

Canon Australia Pty Ltd:
Phone: 13 13 83
Email: service@canon.com.au

Canon New Zealand Ltd:
Phone: 0800 222 666
Email: issupport@canon.co.nz

Share this page