Canon DSLR Cameras Can Be Hacked - Everything You Need To Know

Canon DSLR Ransomware attack
Image Cretit: CheckPoint

Brief News: On 11 August, according to CheckPoint, Eyal Itkin found a vulnerability in the Canon DSLR that allows attackers to install a Ransoware on The Air

The Threats of Ransomwares are increasing from Computers to Smartphones and now on DSLR Cameras,

Yes You Heard The Right..!

Now Canon DSLR Cameras Can be infected with Ransomwares.

As per latest research by CheckPoint, They Explained How easy it to hack into Canon DSLR Camera and hold the Photos and Videos by Encrypting with Ransomwares,


Before going deep let me explain how it can be done, and what type of Vulnerability are out there, and how it might effects us,

Even if you know the vulnerability still it will worth reading.

How Ransomware can Effect DSLR Cameras

Once the Ransomware is installed via any medium on the DSLR then It will Encrypt all the Photos and Videos and can demand for some ransom.

Thus this may puts you in a trouble,

A Security Advisory is Released by Canon, According to the report by Canon, the security flaws affect Canon EOS-series digital SLR and mirrorless cameras, PowerShot SX740 HS, PowerShot SX70 HS, and PowerShot G5X Mark II.


Now let's see how it can be done

Previously DSLRs Used USB for File Transforming, Now most of the new DSLRs are using Picture Transfer Protocol (PTP), so that the DSLR must be Connected to WiFi for File Transformation,

A Vulnerability in the Picture Transfer Protocol Allows an attacker to take advantage of the DSLR Camera to launch malicious attacks,

According to Check Point, there are two possible ways an attacker can take advantage

Via USB: In This Senerio Attacker already installed in the victim PC, and now wants to propagate into your camera.

Over WiFi: In this Case An attacker can place a rogue WiFi access point and the Camera must be connected to the wifi
Here are the vulnerabilities list

Canon DSLR PTP and Firmware Vulnerabilities

  • CVE-2019-5994 — Buffer Overflow in SendObjectInfo
  • CVE-2019-5998 — Buffer Overflow in NotifyBtStatus
  • CVE-2019-5999 — Buffer Overflow in BLERequest
  • CVE-2019-6000 — Buffer Overflow in SendHostInfo
  • CVE-2019-6001 — Buffer Overflow in SetAdapterBatteryReport
  • CVE-2019-5995 — Silent Malicious Firmware Update


Exploiting Canon DSLR Camera With Ransomware

However the attack is performed on Canon EOS 80D model,
CheckPoint released a POC

Here is the video explaining how it can be exploited


Hope you guys got clear understanding on how the the attack can be done,

Though Researchers already reported this to Cannon, currently there is a release of firmware for Canon EOS 80D model and recommended users of other affected models to follow basic security practices until patches for their devices become available.

You can read the Security Update by the Company for all of its devices

For more information on the Canon DSLR Exploration you can read the CheckPoint Blog Article


If you found our Article interesting then don't forget to share with your friends.

Post a Comment

0 Comments