Description
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Published: 2026-06-15
Score: 7.6 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Canon EOS Network Setting Tool includes support for weak SSH cryptographic algorithms in versions 1.5.0 or earlier. Weak algorithms can be forced during an SSH handshake, potentially allowing an attacker to downgrade the session to use legacy ciphers such as 3DES or Blowfish. Based on the description, this could enable an attacker to intercept or tamper with traffic, leading to unauthorized configuration changes or data disclosure. The weakness is categorized as CWE‑327, which describes the use of weak cryptographic protocols. The primary consequence is that confidentiality and integrity of SSH sessions between the tool and network devices may be compromised, which could in turn allow further exploitation of connected systems.

Affected Systems

Canon Inc. provides the EOS Network Setting Tool for Windows and macOS. Versions 1.5.0 or earlier are vulnerable. These tools are typically used to configure network settings on Canon cameras and other devices, and the vulnerability applies to any installation that has not been updated beyond the specified version.

Risk and Exploitability

The CVSS score of 7.6 places the vulnerability in the high severity range. EPSS indicates a very low exploitation probability (<1%) and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote, as the weakness is in the SSH protocol used by the tool. An attacker would need to establish an SSH session to the tool and then force the negotiation of the weak algorithm, which may require some information about the tool’s supported ciphers. The risk assessment therefore reflects a high impact but low probability scenario, making it a priority to mitigate through patching.

Generated by OpenCVE AI on June 18, 2026 at 00:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest version of the Canon EOS Network Setting Tool that removes support for weak SSH algorithms.
  • If an upgrade cannot be performed immediately, modify the tool’s SSH configuration to disable all deprecated cipher suites such as 3DES, Blowfish, and any legacy key exchange methods.
  • Configure the SSH server to reject weak algorithms, ensuring that only strong ciphers (e.g., AES‑256‑GCM, CHACHA20‑POLY1305) and modern key exchanges are permitted.
  • Conduct regular security scans or network monitoring to detect attempts to tool.

Generated by OpenCVE AI on June 18, 2026 at 00:18 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 23 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Canon
Canon eos Network Setting Tool For Macos
Canon eos Network Setting Tool For Windows
Vendors & Products Canon
Canon eos Network Setting Tool For Macos
Canon eos Network Setting Tool For Windows

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Title Weak SSH Cryptographic Algorithms in Canon EOS Network Setting Tool

Tue, 16 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
Title Weak SSH Cryptographic Algorithms in Canon EOS Network Setting Tool

Tue, 16 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 00:00:00 +0000

Type Values Removed Values Added
Description Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Weaknesses CWE-327
References
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N'}

cvssV4_0

{'score': 7.6, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Canon Eos Network Setting Tool For Macos Eos Network Setting Tool For Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Canon

Published:

Updated: 2026-06-18T03:55:38.801Z

Reserved: 2026-05-21T23:14:53.345Z

Link: CVE-2026-9261

cve-icon Vulnrichment

Updated: 2026-06-16T15:02:03.125Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-16T00:16:35.887

Modified: 2026-06-16T14:53:25.910

Link: CVE-2026-9261

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-23T21:06:18Z

Weaknesses
  • CWE-327

    Use of a Broken or Risky Cryptographic Algorithm