Even your printer company now wants to sell you endpoint protection as a subscription — will others follow suit?

• August 6, 2025

• Consolidating printer security under one vendor may save time, though not without integration risks
• Canon’s new security subscription arrives just as its printer drivers face critical vulnerability exposure
• Root access to Canon’s firewall allegedly sold online amid new enterprise protection service launch

The lines between traditional hardware providers and cybersecurity vendors are beginning to blur as printer brands enter the cybersecurity field, but hackers can still use your business printer as an easy backdoor into your corporate network.

Canon, long associated with cameras and office printing hardware, is now offering a tiered cybersecurity subscription aimed at protecting endpoint devices, documents, and data.

The offering includes two tiers: Enhanced and Premium – the former covers basics such as firmware updates and data backup, while the latter introduces proactive monitoring, threat detection, and rapid device recovery.

Canon security concerns

The launch follows closely on the heels of serious security concerns related to Canon’s print infrastructure, including high-severity driver vulnerabilities and a possible network breach advertised on underground forums.

Just days before the new subscription service was announced, Microsoft’s offensive security team disclosed a critical vulnerability, CVE-2025-1268, affecting Canon’s printer drivers.

The flaw, which scores 9.4 on the CVSS scale, could enable attackers to halt printing or execute arbitrary code under certain conditions.

Canon issued advisories and urged users to update vulnerable drivers, particularly those tied to several production and office printer models.

While patching is essential, the persistence of such flaws highlights the broader risks that poorly secured print infrastructure can pose.

Adding to this unease, Canon has reportedly become the subject of underground listings offering root-level access to its internal firewall systems.

Though the company has not confirmed any such breach, security analysts continue to monitor claims circulating on dark web forums puporting to offer access allowing attackers to create backdoors or move laterally through the corporate network

Against this backdrop, Canon’s new Subscription Security Services may be seen as both a response to reputational risk and an attempt to reposition itself as more than a printer supplier.

Though these services resemble endpoint protection platform (EPP) features, they are focused solely on Canon’s device environment.

Whether this strategy gains traction depends on more than just Canon’s execution, as there is still a fair amount of skepticism around traditional hardware companies taking on roles typically reserved for antivirus and cybersecurity providers.

For businesses managing large fleets of print devices, consolidating protection through the hardware vendor may offer convenience, but it raises questions about scope, integration, and oversight.

If others in the hardware sector begin offering similar subscriptions, the market could see a gradual expansion of what constitutes EPP.

Via Cybersecurity News and Security Week

You might also like

Source

Consolidating printer security under one vendor may save time, though not without integration risks Canon’s new security subscription arrives just as its printer drivers face critical vulnerability exposure Root access to Canon’s firewall allegedly sold online amid new enterprise protection service launch The lines between traditional hardware providers and cybersecurity…