CVE-2019-6000

Name of the Vulnerable Software and Affected Versions Canon EOS series digital cameras versions 1.0.0 through 2.1.0 Canon PowerShot SX740 HS version 1.0.1 Canon PowerShot SX70 HS version 1.1.0 Canon PowerShot G5Xmark II version 1.0.1

Description A buffer overflow issue exists in the PTP (Picture Transfer Protocol) of the affected Canon products. This issue allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via the sendhostinfo command.

Recommendations For Canon EOS series digital cameras, update the firmware to a version later than 2.1.0. For Canon PowerShot SX740 HS, update the firmware to a version later than 1.0.1. For Canon PowerShot SX70 HS, update the firmware to a version later than 1.1.0. For Canon PowerShot G5Xmark II, update the firmware to a version later than 1.0.1. As a temporary workaround, consider restricting access to the sendhostinfo command until a patch is available.