6.8
MEDIUM
CVE-2019-6001
Canon EOS/PowerShot Network Authentication Bypass Buffer Overflow
Description

Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via setadapterbatteryreport command.

INFO

Published Date: Aug. 6, 2019, 7:15 p.m.

Last Modified: Nov. 21, 2024, 4:45 a.m.

Remotely Exploitable: No

Impact Score: 5.9

Exploitability Score: 0.9

Affected Products

The following products are affected by CVE-2019-6001 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product
1 Canon eos-1d_x_firmware
2 Canon eos-1d_x_mkii_firmware
3 Canon eos-1d_c_firmware
4 Canon eos_5d_mark_iii_firmware
5 Canon eos_5d_mark_iv_firmware
6 Canon eos_5ds_firmware
7 Canon eos_5ds_r_firmware
8 Canon eos_6d_firmware
9 Canon eos_7d_mark_ii_firmware
10 Canon eos_70d_firmware
11 Canon eos_80d_firmware
12 Canon eos_kiss_x7i_firmware
13 Canon eos_d_rebel_t5i_firmware
14 Canon eos_700d_firmware
15 Canon eos_kiss_x8i_firmware
16 Canon eos_d_rebel_t6i_firmware
17 Canon eos_750d_firmware
18 Canon eos_kiss_x9i_firmware
19 Canon eos_d_rebel_t7i_firmware
20 Canon eos_800d_firmware
21 Canon eos_kiss_x7_firmware
22 Canon eos_d_rebel_sl1_firmware
23 Canon eos_100d_firmware
24 Canon eos_kiss_x9_firmware
25 Canon eos_d_rebel_sl2_firmware
26 Canon eos_200d_firmware
27 Canon eos_kiss_x10_firmware
28 Canon eos_d_rebel_sl3_firmware
29 Canon eos_250d_firmware
30 Canon eos_8000d_firmware
31 Canon eos_d_rebel_t6s_firmware
32 Canon eos_760d_firmware
33 Canon eos_9000d_firmware
34 Canon eos_77d_firmware
35 Canon eos_kiss_x70_firmware
36 Canon eos_d_rebel_t5_firmware
37 Canon eos_1200d_firmware
38 Canon eos_d_rebel_t5_re_firmware
39 Canon eos_1200d_mg_firmware
40 Canon eos_hi_firmware
41 Canon eos_kiss_x80_firmware
42 Canon eos_d_rebel_t6_firmware
43 Canon eos_1300d_firmware
44 Canon eos_kiss_x90_firmware
45 Canon eos_d_rebel_t7_firmware
46 Canon eos_1500d_firmware
47 Canon eos_2000d_firmware
48 Canon eos_d_rebel_t100_firmware
49 Canon eos_3000d_firmware
50 Canon eos_4000d_firmware
51 Canon eos_r_firmware
52 Canon eos_rp_firmware
53 Canon eos_rp_gold_firmware
54 Canon eos_m2_firmware
55 Canon eos_m3_firmware
56 Canon eos_m5_firmware
57 Canon eos_m6_firmware
58 Canon eos_m6\(china\)_firmware
59 Canon eos_m10_firmware
60 Canon eos_m100_firmware
61 Canon eos_kiss_m_firmware
62 Canon eos_m50_firmware
63 Canon powershot_sx740_hs_firmware
64 Canon powershot_sx70_hs_firmware
65 Canon powershot_g5xmark_ii_firmware
66 Canon eos_6d_mark_ii_firmware
67 Canon eos-1d_x
68 Canon eos-1d_x_mkii
69 Canon eos-1d_c
70 Canon eos_5d_mark_iii
71 Canon eos_5d_mark_iv
72 Canon eos_5ds
73 Canon eos_5ds_r
74 Canon eos_6d
75 Canon eos_7d_mark_ii
76 Canon eos_70d
77 Canon eos_80d
78 Canon eos_kiss_x7i
79 Canon eos_d_rebel_t5i
80 Canon eos_700d
81 Canon eos_kiss_x8i
82 Canon eos_d_rebel_t6i
83 Canon eos_750d
84 Canon eos_kiss_x9i
85 Canon eos_d_rebel_t7i
86 Canon eos_800d
87 Canon eos_kiss_x7
88 Canon eos_d_rebel_sl1
89 Canon eos_100d
90 Canon eos_kiss_x9
91 Canon eos_d_rebel_sl2
92 Canon eos_200d
93 Canon eos_kiss_x10
94 Canon eos_d_rebel_sl3
95 Canon eos_250d
96 Canon eos_8000d
97 Canon eos_d_rebel_t6s
98 Canon eos_760d
99 Canon eos_9000d
100 Canon eos_77d
101 Canon eos_kiss_x70
102 Canon eos_d_rebel_t5
103 Canon eos_1200d
104 Canon eos_d_rebel_t5_re
105 Canon eos_1200d_mg
106 Canon eos_hi
107 Canon eos_kiss_x80
108 Canon eos_d_rebel_t6
109 Canon eos_1300d
110 Canon eos_kiss_x90
111 Canon eos_d_rebel_t7
112 Canon eos_1500d
113 Canon eos_2000d
114 Canon eos_d_rebel_t100
115 Canon eos_3000d
116 Canon eos_4000d
117 Canon eos_r
118 Canon eos_rp
119 Canon eos_rp_gold
120 Canon eos_m2
121 Canon eos_m3
122 Canon eos_m5
123 Canon eos_m6
124 Canon eos_m6\(china\)
125 Canon eos_m10
126 Canon eos_m100
127 Canon eos_kiss_m
128 Canon eos_m50
129 Canon powershot_sx740_hs
130 Canon powershot_sx70_hs
131 Canon powershot_g5xmark_ii
132 Canon eos_6d_mark_ii

The following table lists the changes that have been made to the CVE-2019-6001 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://jvn.jp/en/vu/JVNVU97511331/index.html
    Added Reference https://cweb.canon.jp/e-support/products/eos-d/190806dilc-firm.html
    Added Reference https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/
    Added Reference https://www.canon-europe.com/support/product-security/
    Added Reference https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/the-vulnerability-in-canon-digital-cameras
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Initial Analysis by [email protected]

    Aug. 16, 2019

    Action Type Old Value New Value
    Added CVSS V2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
    Added CVSS V3 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type http://jvn.jp/en/vu/JVNVU97511331/index.html No Types Assigned http://jvn.jp/en/vu/JVNVU97511331/index.html Third Party Advisory
    Changed Reference Type https://cweb.canon.jp/e-support/products/eos-d/190806dilc-firm.html No Types Assigned https://cweb.canon.jp/e-support/products/eos-d/190806dilc-firm.html Vendor Advisory
    Changed Reference Type https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ No Types Assigned https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ Exploit, Third Party Advisory
    Changed Reference Type https://www.canon-europe.com/support/product-security/ No Types Assigned https://www.canon-europe.com/support/product-security/ Vendor Advisory
    Changed Reference Type https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/the-vulnerability-in-canon-digital-cameras No Types Assigned https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/the-vulnerability-in-canon-digital-cameras Vendor Advisory
    Added CWE CWE-119
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos-1d_x_firmware:*:*:*:*:*:*:*:* versions up to (including) 2.1.0 OR cpe:2.3:h:canon:eos-1d_x:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos-1d_x_mkii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.6 OR cpe:2.3:h:canon:eos-1d_x_mkii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos-1d_c_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.4.1 OR cpe:2.3:h:canon:eos-1d_c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_5d_mark_iii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.3.5 OR cpe:2.3:h:canon:eos_5d_mark_iii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_5d_mark_iv_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.2.0 OR cpe:2.3:h:canon:eos_5d_mark_iv:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_5ds_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.2 OR cpe:2.3:h:canon:eos_5ds:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_5ds_r_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.2 OR cpe:2.3:h:canon:eos_5ds_r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_6d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.8 OR cpe:2.3:h:canon:eos_6d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_7d_mark_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.2 OR cpe:2.3:h:canon:eos_7d_mark_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_70d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.2 OR cpe:2.3:h:canon:eos_70d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_80d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_80d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x7i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.5 OR cpe:2.3:h:canon:eos_kiss_x7i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t5i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.5 OR cpe:2.3:h:canon:eos_d_rebel_t5i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_700d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.5 OR cpe:2.3:h:canon:eos_700d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x8i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_kiss_x8i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t6i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_d_rebel_t6i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_750d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_750d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x9i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_kiss_x9i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t7i_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_d_rebel_t7i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_800d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_800d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x7_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_kiss_x7:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_sl1_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_d_rebel_sl1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_100d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_100d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x9_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_kiss_x9:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_sl2_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_d_rebel_sl2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x10_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_kiss_x10:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_sl3_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_d_rebel_sl3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_250d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_250d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_8000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_8000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t6s_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_d_rebel_t6s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_760d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_760d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_9000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_9000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_77d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_77d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x70_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_kiss_x70:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t5_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_d_rebel_t5:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_1200d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_1200d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t5_re_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_d_rebel_t5_re:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_1200d_mg_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_1200d_mg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_hi_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_hi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x80_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:eos_kiss_x80:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t6_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:eos_d_rebel_t6:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_1300d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:eos_1300d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_x90_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_kiss_x90:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t7_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_d_rebel_t7:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_1500d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_1500d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_2000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_2000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_d_rebel_t100_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_d_rebel_t100:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_3000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_3000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_4000d_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_4000d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_r_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.3.0 OR cpe:2.3:h:canon:eos_r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_rp_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.2.0 OR cpe:2.3:h:canon:eos_rp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_rp_gold_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.2.0 OR cpe:2.3:h:canon:eos_rp_gold:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m2_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.3 OR cpe:2.3:h:canon:eos_m2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m3_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.2.0 OR cpe:2.3:h:canon:eos_m3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m5_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_m5:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m6_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:eos_m6:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m6\(china\)_firmware:*:*:*:*:*:*:*:* versions up to (including) 5.0.0 OR cpe:2.3:h:canon:eos_m6\(china\):-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m10_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:eos_m10:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m100_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.0 OR cpe:2.3:h:canon:eos_m100:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_kiss_m_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_kiss_m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_m50_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.2 OR cpe:2.3:h:canon:eos_m50:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:powershot_sx740_hs_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:powershot_sx740_hs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:powershot_sx70_hs_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.1.0 OR cpe:2.3:h:canon:powershot_sx70_hs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:powershot_g5xmark_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.1 OR cpe:2.3:h:canon:powershot_g5xmark_ii:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:canon:eos_6d_mark_ii_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.0.4 OR cpe:2.3:h:canon:eos_6d_mark_ii:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Aug. 12, 2019

    Action Type Old Value New Value
    Added Reference https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 08, 2019

    Action Type Old Value New Value
    Changed Description: the old and new values both repeat the description given at the top of this page; the only difference is the last product name, which reads "PowerShot G5Xmark ?" in the old value and "PowerShot G5Xmark II" in the new value.
  • CVE Modified by [email protected]

    Aug. 07, 2019

    Action Type Old Value New Value
    Changed Description: the old and new values both repeat the description given at the top of this page; the only difference is the last product name, which reads "PowerShot G5Xmark?" in the old value and "PowerShot G5Xmark ?" in the new value.
    Added Reference https://www.canon-europe.com/support/product-security/ [No Types Assigned]
    Added Reference http://jvn.jp/en/vu/JVNVU97511331/index.html [No Types Assigned]
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.72 }} 0.07%

score

0.80401

percentile
