Contact us: +44 116 291 9092
Title Image

Canon camera firmware security updates

  |   Canon camera, Photography news   |   No comment

Canon camera firmware updates

Firmware addresses potential security issues


Canon has released a number of camera firmware updates that address potential issues in their picture transfer protocol.

It’s not a serious problem, and if you don’t use the WiFi functionality it’s not essential. The update process is pretty simple, and the update includes any previous updates you may have missed.

firmware

Canon firmware updates released to date

Updates released as of 23rd Nov 2019

Canon advisory

An international team of security researchers has drawn our attention to a vulnerability related to communications via the Picture Transfer Protocol (PTP), which is used by Canon digital cameras, as well as a vulnerability related to firmware updates.
(CVE-ID:CVE-2019-5994, CVE-2019-5995, CVE-2019-5998, CVE-2019-5999, CVE-2019-6000, CVE-2019-6001)

Due to these vulnerabilities, the potential exists for third-party attack on the camera if the camera is connected to a PC or mobile device that has been hijacked through an unsecured network.

At this point, there have been no confirmed cases of these vulnerabilities being exploited to cause harm, but in order to ensure that our customers can use our products securely, we would like to inform you of the following workarounds for this issue.

* Ensure the suitability of security-related settings of the devices connected to the camera, such as the PC, mobile device, and router being used.
* Do not connect the camera to a PC or mobile device that is being used in an unsecure network, such as in a free Wi-Fi environment.
* Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
* Disable the camera’s network functions when they are not being used.
* Download the official firmware from Canon’s website when performing a camera firmware update.

Models Affected

These vulnerabilities affect the EOS-series digital SLR and mirrorless cameras PowerShot SX740 HS, PowerShot SX70 HS, PowerShot G5X Mark II.

Firmware Update

There is an increased use of PCs and mobile devices in an unsecure (free Wi-Fi) network environment where customers are not aware of the network security. As it has become prevalent to transfer images from a camera to a mobile device via Wi-Fi connection, we will implement firmware updates for the following models that are equipped with the Wi-Fi function.

The firmware

Model Firmware availability
EOS-1D X*1*2 V1.2.1
EOS-1D X Mark II*1*2 V1.1.7
EOS-1D C*1*2 V1.4.2
EOS 5D Mark III*1 V1.3.6
EOS 5D Mark IV V1.2.1
EOS 5DS*1 V1.1.3
EOS 5DS R*1 V1.1.3
EOS 6D V1.1.9
EOS 6D Mark II V1.0.5
EOS 7D Mark II*1 V1.1.3
EOS 70D V1.1.3
EOS 80D V1.0.3
EOS M10 Tbd
EOS M100 Tbd
EOS M3 Tbd
EOS M5 Tbd
EOS M50 V1.0.3
EOS M6 Tbd
EOS M6 Mark II V1.0.1
EOS R V1.4.0
EOS RP V1.3.0
EOS Rebel SL2 Tbd
EOS Rebel SL3 V1.0.2
EOS Rebel T6 Tbd
EOS Rebel T6i Tbd
EOS Rebel T6s V1.0.1
EOS Rebel T7 Tbd
EOS Rebel T7I Tbd
PowerShot G5X Mark II Tbd
PowerShot SX70 HS V1.1.1
PowerShot SX740 HS

*1These models require a WiFi adapter or a Wireless File Transmitter to support WiFi connectivity.
*2Ethernet connections can also permit these vulnerabilities.

V1.0.2

Never miss a new article or review - Sign up for our Newsletter (2-4 a month max.)

Enjoyed this article?

Other areas of our site that may be of interest...

All the latest articles/reviews and photo news items appear on Keith's Photo blog 

We've a whole section of the site devoted to  Digital Black and White photography and printing. It covers all of Keith's specialist articles and reviews.

Categories include Colour management and Keith's camera hacks - there are over 1000 articles/reviews here...

Articles below by Keith (Google's picks for matching this page)



No Comments

Post A Comment