Skip to main content

Canon cures security vulnerabilities in all cameras affected by malware risk

Canon cures security vulnerabilities in all cameras affected by malware risk
(Image credit: YouTube / Check Point)

Last August, a serious cybersecurity alert was issued as 30 Canon cameras were found susceptible to critical Wi-Fi and USB vulnerabilities, leaving them open to infection by ransomware – a type of malware whereby cyber-attackers can hold photos and videos taken on the camera to ransom. 

By November the number of affected Canon cameras was increased to 33 – and the core issue, a vulnerability in a standard communication protocol, potentially leaves cameras from other manufacturers vulnerable as well. For its part, though, Canon has been proactive in the process and has now released corrective firmware for all its affected cameras.  

The vulnerabilities were discovered by cybersecurity firm Check Point Software Technologies, which alerted Canon about the problem affecting its mirrorless, DSLR and compact camera lines. Check Point singled out the Canon EOS 80D (opens in new tab), releasing a video demonstrating how easy it is to exploit holes in the standard Picture Transfer Protocol (used to transfer files from cameras to PCs) to infect the camera and computer.

“Any ‘smart’ device, including cameras, are susceptible to attacks,” said Eyal Itkin, Security Researcher at Check Point. “Cameras are no longer just connected via USB, but to WiFi networks and their surrounding environment. This makes them more vulnerable to threats as attackers can inject ransomware into both the camera and PC it is connected to. Hackers could then hold peoples’ precious photos and videos hostage until the user pays a ransom for them to be released.”

Since the Protocol is standard, and embedded in other models from other manufacturers, innumerable non-Canon cameras may also be affected. "We focused on Canon as a test case, as they have the largest market share," we were told by Check Point researcher, Eyal Itkin. 

"However, the Picture Transfer Protocol is standardized and supported by all digital cameras, regardless of the vendor. While the Canon EOS 80D was the one tested in this demonstration, we do believe that similar implementation vulnerabilities could be found in other vendors as well, potentially leading to the same critical results in any digital camera."

When we reached out to all the major manufacturers, only Olympus responded, telling us, "We are currently investigating the effects on our products. As soon as we know the details, we will take necessary action in order to ensure that our customers can use our products safely."

Below is the full list of Canon cameras affected by the vulnerability, along with links to corrective firmware downloads where available. If you own or use any of these models, we strongly advise updating your firmware as soon as possible.

Canon EOS-1D X (Version 1.2.1 available (opens in new tab))
Canon EOS-1D X Mark II (Version 1.1.7 available (opens in new tab))
Canon EOS-1D C (Version 1.4.2 available (opens in new tab))
Canon EOS 5D Mark III (Version 1.3.6 available (opens in new tab))
Canon EOS 5D Mark IV (Version 1.2.1 available (opens in new tab))
Canon EOS 5DS (Version 1.1.3 available (opens in new tab))
Canon EOS 5DS R (Version 1.1.3 available (opens in new tab))
Canon EOS 6D (Version 1.1.9 available (opens in new tab))
Canon EOS 6D Mark II (Version 1.0.5 available (opens in new tab))
Canon EOS 7D Mark II (Version 1.1.3 available (opens in new tab)
Canon EOS 70D (Version 1.1.3 available (opens in new tab))
Canon EOS 77D / 9000D (Version 1.0.3 is available (opens in new tab))
Canon EOS 80D (Version 1.0.3 available (opens in new tab))
Canon EOS M10 (Version 1.1.1 available (opens in new tab))
Canon EOS M100 (Version 1.0.1 available (opens in new tab))
Canon EOS M2 (Version 1.0.4 available)
Canon EOS M3 (Version 1.2.1 available) (opens in new tab)
Canon EOS M5 (Version 1.0.2 available) (opens in new tab)
Canon EOS M50 / Kiss M (Version 1.0.3 available) (opens in new tab)
Canon EOS M6 (Version 1.0.1 available) (opens in new tab)
Canon EOS M6 Mark II (Version 1.0.1 available)
Canon EOS R (Version 1.6.0 available (opens in new tab))
Canon EOS RP (Version 1.4.0 available (opens in new tab))
Canon EOS Rebel SL2 / 200D / Kiss X9 (Version 1.0.3 available) (opens in new tab)
Canon EOS Rebel SL3 / 250D / Kiss X10 (Version 1.0.2 available) (opens in new tab)
Canon EOS Rebel T6 / 1300D / Kiss X80 (Version 1.1.1 available) (opens in new tab)
Canon EOS Rebel T6i / 750D / Kiss X8i (Version 1.0.1 available) (opens in new tab)
Canon EOS Rebel T6s / 760D / 8000D (Version 1.0.1 available) (opens in new tab)
Canon EOS Rebel T7 / 2000D / Kiss X90 (Version 1.0.1 available) (opens in new tab)
Canon EOS Rebel T7i / 800D / Kiss X9i (Version 1.0.2 available) (opens in new tab)
Canon PowerShot G5 X Mark II (Version 1.1.0 available (opens in new tab))
Canon PowerShot SX70 HS (Version 1.1.1 available) (opens in new tab)
Canon PowerShot SX740 HS (Version 1.0.2 available) (opens in new tab)

In its initial product advisory (opens in new tab), Canon was keen to stress that there have been no cases thus far where the vulnerabilities have resulted in malicious activity. "At this point, there have been no confirmed cases of these vulnerabilities being exploited to cause harm, but in order to ensure that our customers can use our products securely, we would like to inform you of the following workarounds for this issue."

Again, we should stress that this is not necessarily a Canon-specific issue, as it is the Picture Transfer Protocol itself (rather than the cameras) that exhibits the security flaw. Photographers should remain vigilant and check for relevant security updates from the manufacturers of their equipment. 

Full technical details of the investigation can be found on the Check Point website (opens in new tab).

Read more: 

Canon EOS R hacked (opens in new tab): Magic Lantern “successfully loaded”
Canon EOS R review (opens in new tab)
Verbatim Fingerprint Secure Hard Drive (opens in new tab) protects and encrypts your data

Thank you for reading 5 articles this month* Join now for unlimited access

Enjoy your first month for just £1 / $1 / €1

*Read 5 free articles per month without a subscription

Join now for unlimited access

Try first month for just £1 / $1 / €1

The editor of Digital Camera World, James has 21 years experience as a magazine and web journalist and started working in the photographic industry in 2014 (as an assistant to Damian McGillicuddy, who succeeded David Bailey as Principal Photographer for Olympus). In this time he shot for clients as diverse as Aston Martin Racing, Elinchrom and L'Oréal, in addition to shooting campaigns and product testing for Olympus, and providing training for professionals. This has led him to being a go-to expert for camera and lens reviews, photographic and lighting tutorials, as well as industry analysis, news and rumors for publications such as Digital Camera Magazine (opens in new tab)PhotoPlus: The Canon Magazine (opens in new tab)N-Photo: The Nikon Magazine (opens in new tab)Digital Photographer (opens in new tab) and Professional Imagemaker, as well as hosting workshops and demonstrations at The Photography Show (opens in new tab). An Olympus and Canon shooter, he has a wealth of knowledge on cameras of all makes – and a fondness for vintage lenses and instant cameras.