This repository demonstrates a vulnerability in Canon imageRUNNER 1435 (version iR1435 SCA12895), where an attacker with local network access can spoof the printer's MAC and IP address to impersonate the device. This allows for interception of print jobs, information disclosure, and potential code execution.
- Vendor: Canon
- Product: imageRUNNER 1435
- Version: iR1435 SCA12895
- Intercept sensitive print jobs (Information Disclosure)
- Execute arbitrary code via crafted print data (Code Execution)
- Gain unauthorized access as a trusted printer (Privilege Escalation)
- A Kali Linux or similar Linux VM
- Network access to the printer's LAN
- MAC/IP of the target printer
An attacker with local network access can impersonate a trusted printing device by exploiting insufficient identity verification mechanisms at the network and application layers. This allows interception and potential manipulation of data transmitted to the affected system, leading to unauthorized access to sensitive information and trusted workflows.