An worldwide group of safety researchers has drawn our consideration to a vulnerability associated to communications by way of the Picture Transfer Protocol (PTP), which is utilized by Canon digital cameras, in addition to a vulnerability associated to firmware updates.
(CVE-ID:CVE-2019-5994, CVE-2019-5995, CVE-2019-5998, CVE-2019-5999, CVE-2019-6000, CVE-2019-6001）
Due to those vulnerabilities, the potential exists for a third-party assault on the digicam if the digicam is linked to a PC or cell gadget that has been hijacked by way of an unsecured community.
At this level, there have been no confirmed instances of those vulnerabilities being exploited to trigger hurt, however in an effort to be certain that our prospects can use our merchandise securely, we wish to inform you of the next workarounds for this situation.
- Ensure the suitability of security-related settings of the units linked to the digicam, such because the PC, cell gadget, and router getting used.
- Do not join the digicam to a PC or cell gadget that’s being utilized in an unsecured community, similar to in a free Wi-Fi atmosphere.
- Do not join the digicam to a PC or cell gadget that’s doubtlessly uncovered to virus infections.
- Disable the digicam’s community capabilities when they aren’t getting used.
- Download the official firmware from Canon’s web site when performing a digicam firmware replace.
There is a rise in use of PCs and cell units in an unsecured (free Wi-Fi) community atmosphere the place prospects usually are not conscious of the community safety. As it has turn out to be prevalent to switch pictures from a digicam to a cell gadget by way of a Wi-Fi connection, we’ll implement firmware updates for the next fashions which might be geared up with the Wi-Fi perform.
These vulnerabilities have an effect on the next EOS-series digital SLR and mirrorless cameras:
|EOS-1DX*1 *2||EOS 6D Mark II||EOS 760D||EOS M5|
|EOS-1DX MK II*1 *2||EOS 7D Mark II*1||EOS 77D||EOS M6|
|EOS-1DC*1 *2||EOS 70D||EOS 1300D||EOS M10|
|EOS 5D Mark IV||EOS 80D||EOS 2000D||EOS M100|
|EOS 5D Mark III*1||EOS 750D||EOS 4000D||EOS M50|
|EOS 5DS*1||EOS 800D||EOS R||PowerShot SX70 HS|
|EOS 5DS R*1||EOS 200D||EOS RP||PowerShot SX740 HS|
|EOS 6D||EOS 250D||EOS M3||PowerShot G5X Mark II|
*1 If a WiFi adapter or a Wireless file transmitter is used, WiFi connection will be established.
*2 Ethernet connections are additionally affected by these vulnerabilities.
Firmware replace info will likely be offered for every product, in flip, ranging from merchandise for which preparations have been accomplished.