Personal View site logo
Make sure to join PV Telegram channel! Perfect to keep up with community on your smartphone.
Canon cameras and possible hardening against hacking
  • Products Affected

    • EOS Series (DSLR and Mirrorless)
    • PowerShot SX70HS
    • PowerShot SX740HS
    • PowerShot G5XMarkII

    Multiple Canon digital cameras (EOS series and PowerShot series) contain multiple vulnerabilities listed below.

    • Buffer overflow vulnerability in PTP (Picture Transfer Protocol) when processing SendObjectInfo command (CWE-120) - CVE-2019-5994
    • Buffer overflow vulnerability in PTP (Picture Transfer Protocol) when processing notifybtstatus command (CWE-120) - CVE-2019-5998
    • Buffer overflow vulnerability in PTP (Picture Transfer Protocol) when processing blerequest command (CWE-120) - CVE-2019-5999
    • Buffer overflow vulnerability in PTP (Picture Transfer Protocol) when processing sendhostinfo command (CWE-755) - CVE-2019-6000
    • Buffer overflow vulnerability in PTP (Picture Transfer Protocol) when processing setadapterbatteryreport command (CWE-755) - CVE-2019-6001
    • Missing authorization vulnerability which may result in unauthorized firmware update (CWE-862) - CVE-2019-5995

    Impact

    • A specially crafted PTP command may cause buffer overflow, which may result in the affected digital camera being unresponsive or arbitrary code being executed by a remote attacker - CVE-2019-5994, CVE-2019-5998, CVE-2019-5999, CVE-2019-6000, CVE-2019-6001
    • Specially crafted firmware by a remote attacker or unofficial firmware update may be applied without the user's consent since the user confirmation process before applying firmware update is not implemented in the software - CVE-2019-5995

    Thing that we see here can be first step on killing Canon hacking activities, as some data suggest that this is exact things used to dump firmware by the team for years.

  • 2 Replies sorted by
  • "You should give me 3 bitcoins or I will delete all the brick wall pictures in your camera"