• In observance of National Heroes' Day, our offices and Customer Care Centers will be closed on August 26, Monday. Regular operations will resume on August 27, Tuesday.

06 Aug 2019 (Important) (Updated)

    Regarding the Security Advisory for Canon Digital Cameras Related to PTP (Picture Transfer Protocol) Communication Functions and Firmware Update Functions 

    Thank you very much for using Canon products.

    An international team of security researchers has drawn our attention to a vulnerability related to communications via the Picture Transfer Protocol (PTP), which is used by Canon digital cameras, as well as a vulnerability related to firmware updates. (CVE-ID: CVE-2019-5994, CVE-2019-5995, CVE-2019-5998, CVE-2019-5999, CVE-2019-6000, CVE-2019-6001)

    Due to  these vulnerabilities, the potential exists for third-party attack on the camera if the camera is connected to a PC or mobile device that has been hijacked through an unsecured network.

    At this point, there have been no confirmed cases of these vulnerabilities being exploited to cause harm, but in order to ensure that our customers can use our products securely, we would like to inform you of the following workarounds for this issue.

    • Ensure the suitability of security-related settings of the devices connected to the camera, such as the PC, mobile device, and router being used.
    • Do not connect the camera to a PC or mobile device that is being used in an unsecure network, such as in a free Wi-Fi environment.
    • Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
    • Disable the camera’s network functions when they are not being used.
    • Download the official firmware from Canon’s website when performing a camera firmware update.

    Affected Products:
    These vulnerabilities affect the EOS-series digital SLR and mirrorless cameras; PowerShot SX740 HS, PowerShot SX70 HS and PowerShot G5X Mark II.

    Firmware Update:
    There is an increase use of PCs and mobile devices in an unsecure (free Wi-Fi) network environment where customers are not aware of the network security. As it has become prevalent to transfer images from a camera to a mobile device via Wi-Fi connection, we will implement firmware updates for the following models that are equipped with the Wi-Fi function.

    EOS-1D X*1*2  ​​EOS 70DEOS RPowerShot SX70 HS ​​​​​​​
    EOS-1D X Mark II*1*2EOS 77D EOS RPPowerShot SX740 HS
    EOS-1D C*1*2EOS 80D ##EOS M2PowerShot G5X Mark II
    EOS 5D Mark III*1EOS 200D EOS M3
    EOS 5D Mark IVEOS 200D II EOS M5
    EOS 5Ds*1EOS 750D EOS M6
    EOS 5Ds R*1EOS 760DEOS M10
    EOS 6DEOS 800DEOS M50
    EOS 6D Mark IIEOS 1300DEOS M100
    EOS 7D Mark II*1EOS 1500D


    EOS 3000D

    ​​​​​​​​​​​​​​*1 ​​​​​​​​​​​​​​​​​​​​​​If a Wi-Fi adapter or a Wireless file transmitter is used, Wi-Fi connecction can be established.
    ​​​​​​​
    ​​​​​​​​​​​​​​*2 ​​​​​​​​​​​​​​​​​​​​​​Ethernet connections are also affected by these vulnerabilities.
    ​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​## Firmware update available for download now.

    ​​​​​​​Firmware update  information will be provided  for each product in turn starting from products for which preparations have been completed. 
    ​​​​​​​