Ryan Hausknecht

**Name of the Vulnerable Software and Affected Versions** Canon EOS Network Setting Tool versions prior to 1.5.1 **Description** Improper validation of SSH host keys occurs in the software, which may allow for security bypass or interception of communications. **Recommendations** Update to a version later than 1.5.0.

**Name of the Vulnerable Software and Affected Versions** Canon EOS Network Setting Tool versions prior to 1.5.1 **Description** Improper validation of server certificates occurs in the software, which may allow for security compromises during server communication. **Recommendations** Update to a version later than 1.5.0.

**Name of the Vulnerable Software and Affected Versions** Canon EOS Network Setting Tool versions prior to 1.5.1 **Description** The software contains hard-coded cryptographic keys, which are fixed keys embedded directly into the source code, potentially allowing unauthorized decryption or authentication bypass. **Recommendations** Update to a version later than 1.5.0.

**Name of the Vulnerable Software and Affected Versions** Canon EOS Network Setting Tool versions prior to 1.5.1 **Description** The software employs weak SSH cryptographic algorithms, which are encryption methods used to secure communication over the Secure Shell (SSH) protocol that are no longer considered secure against modern attacks. **Recommendations** Update to a version later than 1.5.0.

**Name of the Vulnerable Software and Affected Versions** Canon EOS Network Setting Tool versions prior to 1.5.1 **Description** The software uses a non-secure protocol as the default FTP configuration, which may allow sensitive data to be transmitted without encryption. **Recommendations** Update to a version later than 1.5.0.