Meraki

Community

Vulnerabilities with Printers

Solved
JTejada
New here
a week ago
a week ago

Vulnerabilities with Printers

Hi,

 

We are currently working with a client who owns a Ricoh printer and has reported the presence of certain vulnerabilities affecting the device.


We would appreciate it if you could share what measures have been taken to address and resolve these issues. Additionally, we are interested in understanding what proactive steps can be implemented to prevent similar vulnerabilities from occurring in the future.


Your guidance and recommendations will be highly valuable in helping us support our client effectively.

 

Best regards,

0 Kudos
1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal
a week ago
a week ago

I suggest you update your printer's firmware.

This isn't something related to Meraki.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

5 Replies 5
Mloraditch
Kind of a big deal
Kind of a big deal
a week ago
a week ago

I'm not sure what you are asking about that involves Meraki? This seems to have been intended for a printing related forum.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
alemabrahao
Kind of a big deal
Kind of a big deal
a week ago
a week ago

I suggest you update your printer's firmware.

This isn't something related to Meraki.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
RWelch
Kind of a big deal
Kind of a big deal
a week ago
a week ago

While I am not aware of Ricoh brand printers there are a few considerations or best practices that can apply to most any printer brand:

update firmware to current release; if device(s) are end of life remove them from service

disable unused service (FTP, Telnet, SNMPv1)

change default password

Things you can do leveraging Meraki (normally part of the network design phase)

use network segmentation (dedicated VLAN for printers / IoT devices)

use L3/L7 rules to allow/deny what devices can connect to the dedicated VLAN

block internet access to these devices (you might need to temporarily allow access for updates then block internet access once updates are completed).

If you happen to have advanced license turn on IDS/IPS and content filtering and look for any activity using security center.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
a week ago
a week ago

For more sensitive customers, I put printers onto their own VLAN (along with all IoT devices).

Prevent that VLAN from talking to the internal VLANs.

You can also probably create a firewall rule to deny the printers from talking to anything.

cmr
Kind of a big deal
Kind of a big deal
Friday
Friday

!00% what @PhilipDAth says.  All IoT equipment, such as printers, smart lights, door access control, CCTV (non Meraki) etc. should be placed in separate VLANs and access from those VLANs to other VLANs should be minimised. Access from those VLANs to the internet should also be minimised.

 

It does take a little extra time to set up, but is well worth it in terms of reducing the attack surface of your site(s) and the possibility of data exfiltration by likely unmonitored devices.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.