8.8
HIGH
CVE-2019-5999
Canon EOS and PowerShot Network Command Injection
Description

Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via blerequest command.

INFO

Published Date :

Aug. 6, 2019, 7:15 p.m.

Last Modified :

Aug. 24, 2020, 5:37 p.m.

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

2.8
Affected Products

The following products are affected by CVE-2019-5999 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Canon eos-1d_x_firmware
2 Canon eos-1d_x_mkii_firmware
3 Canon eos-1d_c_firmware
4 Canon eos_5d_mark_iii_firmware
5 Canon eos_5d_mark_iv_firmware
6 Canon eos_5ds_firmware
7 Canon eos_5ds_r_firmware
8 Canon eos_6d_firmware
9 Canon eos_7d_mark_ii_firmware
10 Canon eos_70d_firmware
11 Canon eos_80d_firmware
12 Canon eos_kiss_x7i_firmware
13 Canon eos_d_rebel_t5i_firmware
14 Canon eos_700d_firmware
15 Canon eos_kiss_x8i_firmware
16 Canon eos_d_rebel_t6i_firmware
17 Canon eos_750d_firmware
18 Canon eos_kiss_x9i_firmware
19 Canon eos_d_rebel_t7i_firmware
20 Canon eos_800d_firmware
21 Canon eos_kiss_x7_firmware
22 Canon eos_d_rebel_sl1_firmware
23 Canon eos_100d_firmware
24 Canon eos_kiss_x9_firmware
25 Canon eos_d_rebel_sl2_firmware
26 Canon eos_200d_firmware
27 Canon eos_kiss_x10_firmware
28 Canon eos_d_rebel_sl3_firmware
29 Canon eos_250d_firmware
30 Canon eos_8000d_firmware
31 Canon eos_d_rebel_t6s_firmware
32 Canon eos_760d_firmware
33 Canon eos_9000d_firmware
34 Canon eos_77d_firmware
35 Canon eos_kiss_x70_firmware
36 Canon eos_d_rebel_t5_firmware
37 Canon eos_1200d_firmware
38 Canon eos_d_rebel_t5_re_firmware
39 Canon eos_1200d_mg_firmware
40 Canon eos_hi_firmware
41 Canon eos_kiss_x80_firmware
42 Canon eos_d_rebel_t6_firmware
43 Canon eos_1300d_firmware
44 Canon eos_kiss_x90_firmware
45 Canon eos_d_rebel_t7_firmware
46 Canon eos_1500d_firmware
47 Canon eos_2000d_firmware
48 Canon eos_d_rebel_t100_firmware
49 Canon eos_3000d_firmware
50 Canon eos_4000d_firmware
51 Canon eos_r_firmware
52 Canon eos_rp_firmware
53 Canon eos_rp_gold_firmware
54 Canon eos_m2_firmware
55 Canon eos_m3_firmware
56 Canon eos_m5_firmware
57 Canon eos_m6_firmware
58 Canon eos_m6\(china\)_firmware
59 Canon eos_m10_firmware
60 Canon eos_m100_firmware
61 Canon eos_kiss_m_firmware
62 Canon eos_m50_firmware
63 Canon powershot_sx740_hs_firmware
64 Canon powershot_sx70_hs_firmware
65 Canon powershot_g5xmark_ii_firmware
66 Canon eos_6d_mark_ii_firmware
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2019-5999.

URL Resource
http://jvn.jp/en/vu/JVNVU97511331/index.html Third Party Advisory
https://cweb.canon.jp/e-support/products/eos-d/190806dilc-firm.html Vendor Advisory
https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ Exploit Third Party Advisory
https://www.canon-europe.com/support/product-security/ Vendor Advisory
https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/the-vulnerability-in-canon-digital-cameras Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2019-5999 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2019-5999 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CWE Remap by [email protected]

    Aug. 24, 2020

    Action Type Old Value New Value
    Changed CWE CWE-119 CWE-787
  • Initial Analysis by [email protected]

    Aug. 16, 2019

    Action Type Old Value New Value
    Added CVSS V2 (AV:A/AC:L/Au:N/C:C/I:C/A:C)
    Added CVSS V3 AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type http://jvn.jp/en/vu/JVNVU97511331/index.html No Types Assigned http://jvn.jp/en/vu/JVNVU97511331/index.html Third Party Advisory
    Changed Reference Type https://cweb.canon.jp/e-support/products/eos-d/190806dilc-firm.html No Types Assigned https://cweb.canon.jp/e-support/products/eos-d/190806dilc-firm.html Vendor Advisory
    Changed Reference Type https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ No Types Assigned https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ Exploit, Third Party Advisory
    Changed Reference Type https://www.canon-europe.com/support/product-security/ No Types Assigned https://www.canon-europe.com/support/product-security/ Vendor Advisory
    Changed Reference Type https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/the-vulnerability-in-canon-digital-cameras No Types Assigned https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/the-vulnerability-in-canon-digital-cameras Vendor Advisory
    Added CWE CWE-119
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos-1d_x_firmware:*:*:*:*:*:*:*:* versions up to (including) 2.1.0 OR cpe:2.3:h:canon:eos-1d_x:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos-1d_x_mkii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.6 OR cpe:2.3:h:canon:eos-1d_x_mkii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos-1d_c_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.4.1 OR cpe:2.3:h:canon:eos-1d_c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_5d_mark_iii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.3.5 OR cpe:2.3:h:canon:eos_5d_mark_iii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_5d_mark_iv_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.2.0 OR cpe:2.3:h:canon:eos_5d_mark_iv:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_5ds_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.2 OR cpe:2.3:h:canon:eos_5ds:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_5ds_r_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.2 OR cpe:2.3:h:canon:eos_5ds_r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_6d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.8 OR cpe:2.3:h:canon:eos_6d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_7d_mark_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.2 OR cpe:2.3:h:canon:eos_7d_mark_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_70d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.2 OR cpe:2.3:h:canon:eos_70d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_80d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_80d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x7i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.5 OR cpe:2.3:h:canon:eos_kiss_x7i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t5i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.5 OR cpe:2.3:h:canon:eos_d_rebel_t5i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_700d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.5 OR cpe:2.3:h:canon:eos_700d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x8i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_kiss_x8i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t6i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_d_rebel_t6i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_750d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_750d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x9i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_kiss_x9i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t7i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_d_rebel_t7i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_800d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_800d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x7_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_kiss_x7:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_sl1_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_d_rebel_sl1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_100d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_100d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x9_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_kiss_x9:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_sl2_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_d_rebel_sl2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x10_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_kiss_x10:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_sl3_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_d_rebel_sl3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_250d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_250d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_8000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_8000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t6s_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_d_rebel_t6s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_760d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_760d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_9000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_9000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_77d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_77d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x70_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_kiss_x70:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t5_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_d_rebel_t5:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_1200d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_1200d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t5_re_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_d_rebel_t5_re:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_1200d_mg_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_1200d_mg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_hi_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_hi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x80_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:eos_kiss_x80:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t6_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:eos_d_rebel_t6:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_1300d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:eos_1300d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x90_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_kiss_x90:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t7_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_d_rebel_t7:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_1500d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_1500d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_2000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_2000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t100_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_d_rebel_t100:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_3000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_3000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_4000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_4000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_r_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.3.0 OR cpe:2.3:h:canon:eos_r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_rp_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.2.0 OR cpe:2.3:h:canon:eos_rp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_rp_gold_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.2.0 OR cpe:2.3:h:canon:eos_rp_gold:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m2_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.3 OR cpe:2.3:h:canon:eos_m2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m3_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.2.0 OR cpe:2.3:h:canon:eos_m3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m5_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_m5:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m6_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_m6:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m6\(china\)_firmware:*:*:*:*:*:*:*:* versions up to (including) 5.0.0 OR cpe:2.3:h:canon:eos_m6\(china\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m10_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:eos_m10:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m100_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_m100:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_m_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_kiss_m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m50_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_m50:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:powershot_sx740_hs_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:powershot_sx740_hs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:powershot_sx70_hs_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:powershot_sx70_hs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:powershot_g5xmark_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:powershot_g5xmark_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_6d_mark_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.4 OR cpe:2.3:h:canon:eos_6d_mark_ii:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Aug. 12, 2019

    Action Type Old Value New Value
    Added Reference https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 08, 2019

    Action Type Old Value New Value
    Changed Description Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark ? firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via blerequest command. Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via blerequest command.
  • CVE Modified by [email protected]

    Aug. 07, 2019

    Action Type Old Value New Value
    Changed Description Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark? firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via blerequest command. Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark ? firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via blerequest command.
    Added Reference https://www.canon-europe.com/support/product-security/ [No Types Assigned]
    Added Reference http://jvn.jp/en/vu/JVNVU97511331/index.html [No Types Assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2019-5999 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2019-5999 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.65 }} -0.03%

score

0.79564

percentile

CVSS30 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability