Description
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Published: 2026-06-15
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Canon EOS Network Setting Tool for Windows and macOS performs SSH connections to manage camera devices. The tool does not properly validate the SSH host key presented by the device, meaning that an attacker who can intercept or modify the SSH traffic could present a forged key and convince the tool to trust it. This flaw allows a man-in-the-middle attacker to potentially read, modify, or inject commands into the management session, which could compromise the confidentiality and integrity of the device configuration. The weakness is a classic certificate validation error (CWE‑295).

Affected Systems

Any installation of Canon EOS Network Setting Tool version 1.5.0 or earlier on Windows or macOS is affected. The tool is distributed by Canon Inc., and the vulnerability applies to all devices managed by this tool using its default SSH implementation.

Risk and Exploitability

The vulnerability carries a CVSS score of 7.1, indicating high severity. The EPSS score is under 1%, suggesting that exploitation is unlikely but not impossible. The flaw is not listed in the CISA KEV catalog. An attack would require network access to the target device or a position between the tool and the device; once positioned, the attacker could replace the host key and establish an unauthorized session. The risk is mitigated only by preventing the tool from accepting an unvalidated key.

Generated by OpenCVE AI on June 16, 2026 at 22:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Canon EOS Network Setting Tool to version 1.5.1 or newer, which implements proper SSH host‑key validation and is available on Canon’s official support portal.
  • If an upgrade cannot be applied immediately, limit the tool’s outbound connections to trusted internal IP addresses and block external access to the camera’s SSH port (typically 22).
  • Before connecting, verify the device’s SSH host‑key fingerprint provided by Canon against the fingerprint accepted by the tool to ensure it matches the genuine device.
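The fingerprint check in the last item, sketched as an added example (not Canon's or OpenCVE's code): it computes the OpenSSH-style SHA256 fingerprint of a presented host key and accepts it only if it matches a pin recorded out of band, failing closed otherwise. The host name `camera.example`, the function names and both keys are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data

def fingerprint(pubkey_line: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a 'type base64 [comment]' line."""
    key_type, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    # The blob starts with its own algorithm name; it must match the label.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != key_type:
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host_key(host: str, presented_line: str, pins: dict) -> str:
    """Accept only a key whose fingerprint equals the pin for this host."""
    expected = pins.get(host)
    if expected is None:
        return "reject: no pinned key for host"   # never trust on first use
    try:
        actual = fingerprint(presented_line)
    except (ValueError, struct.error):
        return "reject: malformed key"
    if not hmac.compare_digest(actual, expected):
        return "reject: host key mismatch"
    return "accept"

def make_line(seed: bytes) -> str:
    """Constructed sample key line: 32 bytes derived from a seed, not a real key."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(hashlib.sha256(seed).digest())
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

GENUINE = make_line(b"constructed-camera-key")   # key the device really holds
FORGED = make_line(b"constructed-mitm-key")      # key an interceptor would present
PINS = {"camera.example": fingerprint(GENUINE)}  # pin obtained out of band

if __name__ == "__main__":
    for label, line in (("genuine", GENUINE), ("forged", FORGED)):
        print(label, fingerprint(line), check_host_key("camera.example", line, PINS))
```
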

Advisories

No advisories yet.

History

Tue, 16 Jun 2026 22:30:00 +0000

Type | Values Removed | Values Added
Title | (none) | Improper SSH Host Key Validation in Canon EOS Network Setting Tool

Tue, 16 Jun 2026 13:30:00 +0000

Type | Values Removed | Values Added
Metrics | (none) | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 16 Jun 2026 00:00:00 +0000

Type | Values Removed | Values Added
Description | (none) | Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Weaknesses | (none) | CWE-295
References | (none) |
Metrics | (none) | cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}
Metrics | (none) | cvssV4_0: {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: Canon

Published:

Updated: 2026-06-16T12:47:23.858Z

Reserved: 2026-05-21T23:14:48.638Z

Link: CVE-2026-9258

Vulnrichment

Updated: 2026-06-16T12:47:18.774Z

NVD

Status: Awaiting Analysis

Published: 2026-06-16T00:16:35.460

Modified: 2026-06-16T14:53:25.910

Link: CVE-2026-9258

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-16T22:15:03Z

Weaknesses
  • CWE-295

    Improper Certificate Validation