Impact
The Canon EOS Network Setting Tool for Windows and macOS establishes SSH connections to configure Canon EOS cameras. The tool does not validate the SSH host key presented by the device, which creates a certificate validation error (CWE‑295). Based on the description, it is inferred that an adversary who can intercept or modify the SSH traffic could supply a forged key and convince the tool to accept it. This flaw permits the attacker to read, modify, or inject commands into the management session, potentially compromising confidentiality and integrity of camera configurations.
Affected Systems
Canon Inc.'s EOS Network Setting Tool for Windows and macOS, versions 1.5.0 or earlier, is affected. Any installation of this tool that connects to Canon EOS cameras via its default SSH implementation is vulnerable.
Risk and Exploitability
The vulnerability carries a CVSS score of 7.1, indicating a high severity. The EPSS score is under 1 %, suggesting that exploitation is unlikely but not impossible. The flaw is not listed in the CISA KEV catalog. The likely attack vector is network; an attacker must gain network access or interpose between the tool and the camera. Once positioned, the attacker could replace the host key and establish an unauthorized session, thereby exposing the camera's configuration to manipulation.
OpenCVE Enrichment