Canon Detected Security Flaw In WiFi Protocol, Lots Of Firmware Updates To Come

Canon Rumors Color Calibration

It seems a lo of firmware updates are coming to Canon DSLRs, MILCs, and PowerShots. Good to know that Canon takes this issues seriously.

Canon product advisory:

Regarding the security advisory for Canon digital cameras related to PTP (Picture Transfer Protocol) communication functions and firmware update functions.

Thank you very much for using Canon products.

An international team of security researchers has drawn our attention to a vulnerability related to communications via the Picture Transfer Protocol (PTP), which is used by Canon digital cameras, as well as a vulnerability related to firmware updates.
(CVE-ID:CVE-2019-5994, CVE-2019-5995, CVE-2019-5998, CVE-2019-5999, CVE-2019-6000, CVE-2019-6001)

Due to these vulnerabilities, the potential exists for third-party attack on the camera if the camera is connected to a PC or mobile device that has been hijacked through an unsecured network.

At this point, there have been no confirmed cases of these vulnerabilities being exploited to cause harm, but in order to ensure that our customers can use our products securely, we would like to inform you of the following workarounds for this issue.

  • Ensure the suitability of security-related settings of the devices connected to the camera, such as the PC, mobile device, and router being used.
  • Do not connect the camera to a PC or mobile device that is being used in an unsecure network, such as in a free Wi-Fi environment.
  • Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
  • Disable the camera’s network functions when they are not being used.
  • Download the official firmware from Canon’s website when performing a camera firmware update.

Models Affected

These vulnerabilities affect the EOS-series digital SLR and mirrorless cameras PowerShot SX740 HS, PowerShot SX70 HS, PowerShot G5X Mark II.

Firmware Update

There is an increased use of PCs and mobile devices in an unsecure (free Wi-Fi) network environment where customers are not aware of the network security. As it has become prevalent to transfer images from a camera to a mobile device via Wi-Fi connection, we will implement firmware updates for the following models that are equipped with the Wi-Fi function.

ModelEstimated Firmware availability
EOS-1D X*1*2Tbd
EOS-1D X Mark II*1*2                      Tbd
EOS-1D C*1*2                         Tbd
EOS 5D Mark III*1Tbd
EOS 5D Mark IV Tbd
EOS 5DS*1Tbd
EOS 5DS R*1        Tbd
EOS 6D       Tbd
EOS 6D Mark II Tbd
EOS 7D Mark II*1                              Tbd
EOS 70DTbd
EOS 80D     Version 1.0.3 is available for download
EOS M10Tbd
EOS M100Tbd
EOS M50Tbd
EOS Rebel SL2 Tbd
EOS Rebel SL3Tbd
EOS Rebel T6Tbd
EOS Rebel T6iTbd
EOS Rebel T6sTbd
EOS Rebel T7Tbd
EOS Rebel T7I Tbd
PowerShot G5X Mark IITbd
PowerShot SX70 HSTbd
PowerShot SX740 HSTbd
Click here to open the rest of the article

Canon EOS R Banding Issue Seems Solved By Latest Firmware Update

Canon Eos R

Some Canon EOS R users have reportedly experienced banding issues with their new camera.

Michael The Maven discovered that artefacts appear as banding in RAW files when lifting shadows. After Canon release firmware ver. 1.2.0 for the EOS R, Michael tested again and compared firmware ver. 1.1.0 vs firmware 1.2.0., and found that the banding issue was gone.

Most user will likely never have an issue with banding but we recommend you update your EOS R asap.

Canon EOS R:

America: B&H Photo, Adorama, Amazon USA, Amazon Canada, Canon Canada, Canon USA
Europe & UK: Amazon DE, Amazon UK, Amazon IT, Wex Photo Video, Canon DE, Canon UK

Canon EOS R Firmware ver. 1.2.0 Available To Download

Canon Eos R Firmware Update

The firmware update (ver. 1.2.0) for the Canon EOS R is available to download at Canon Canada.

Canon EOS R firmware Version 1.2.0 incorporates the following fixes and enhancements: 

Eye-detection AF 
1. Supports Servo AF when shooting still images. 
2. Now available when shooting movies regardless of “Movie Servo AF” setting. 
Small AF Frame Size 
Supports Servo AF when shooting still images. 
3. Now available when shooting movies regardless of “Movie Servo AF” setting. 

4. Under certain conditions the electronic level displayed in the electronic viewfinder did not display properly. 
5. Under certain conditions information displayed in the electronic viewfinder was not properly rotated. 
6. Under certain conditions updating the firmware for the wireless file transmitter WFT-E7 was not possible. 

This firmware update is for cameras equipped with firmware up to Version 1.1.0. If the camera’s firmware is already Version 1.2.0, this update is unnecessary. When updating the firmware of your camera, please first review the instructions thoroughly before you download the firmware. 
The firmware update takes approximately 6 minutes. 

The user guide has been revised to reflect the functional improvements to the product. Please download the latest version of the user guide together with the new firmware. The latest version of the user guide can be downloaded from Canon’s Web site.