When Encryption Isn’t Really Encryption

This report details a Canon printer configuration-export vulnerability in which client-side-only encryption controls can be bypassed to obtain plaintext device configurations and stored credentials. Praetorian demonstrated credential extraction that enabled lateral movement and domain compromise; Canon confirmed the issue, reserved CVE-2026-1789, and published an advisory indicating the problem affects over 200 models.