CVE-2026-9262: Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1
Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Metrics
- CVSS v4.0: 7.1
- Severity: HIGH
- Fixed in: —
- Affected Products: 2
HarborGuard Analysis
Synopsis
This vulnerability is an insecure default configuration in Canon EOS Network Setting Tool version 1.5.0 and earlier, affecting both the Windows and macOS editions. The tool defaults to plain FTP rather than a secure alternative, meaning credentials and file transfers are sent in cleartext over the network; an attacker positioned to intercept traffic can read them without any authentication of their own. Successful exploitation gives an attacker access to whatever credentials and data the tool transmits. HarborGuard is tracking this advisory and will make a patched-image rebuild available the moment Canon publishes a fix version.
HarborGuard Coverage
Detection capability is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images, including custom-built images that bundle the affected tool. No manual feed subscription is needed on the customer side.
Status: Available
HarborGuard scores this finding at CVSS 7.1 HIGH per the v4.0 vector and is capable of weighting that score against each customer environment's compliance policy before routing the alert to the appropriate team inbox within that organization.
Status: Available
Because Canon has not yet published a fix version, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment an upstream fix is released. In the interim, the finding remains open and visible in each customer's dashboard with its current advisory status.
Status: Pending upstream
Exploit Conditions
- Network reachability: Required
  The attacker must be positioned on the network path between the tool and the FTP server to intercept the cleartext traffic.
- Authentication: Not required
  No credentials are needed; passive traffic interception requires no account on the affected system.
- Victim interaction: Required
  A user must actively initiate an FTP session with the tool, making this a social-engineering or opportunistic scenario where the attacker waits for legitimate use.
- Attack complexity: Detail
  Exploit conditions are straightforward and reliable once network access is established; no race conditions or special environmental factors are required (AT:N, AC:L).
Blast Radius
- An attacker reads FTP credentials transmitted in cleartext, which can be reused to access the FTP server directly.
- Any files transferred during the intercepted session are readable by the attacker, exposing potentially sensitive camera assets or configuration data.
- Confidentiality of the session is fully compromised (VC:H); there is no integrity or availability impact reported for this vulnerability.
How HarborGuard Handles This
Available on HarborGuard: because no fix version exists for this CVE, the platform monitors the Canon advisory on every ingest cycle and surfaces the open finding in each customer's vulnerability dashboard. Where compensating controls are applicable, security teams can use HarborGuard's policy engine to flag any image containing the affected tool for network-policy isolation (restricting outbound FTP to trusted server addresses only) or to require egress filtering that blocks plaintext FTP port 21 traffic. If a patched version is released by Canon, HarborGuard will make a rebuilt image available immediately; for customers who opt into auto-remediation, that triggers an automated regression test run and a pull request opened against affected workloads without manual intervention.
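A network team can check that the compensating controls above are holding by auditing observed FTP control-channel traffic. The following is an added example, not HarborGuard's policy engine or Canon's code: it flags port 21 sessions that send USER/PASS before an RFC 4217 `AUTH TLS` upgrade and sessions to servers outside an allow-list. The allow-list, event format and sample events are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumption: FTP servers the organisation has approved for camera transfers.
TRUSTED_FTP_SERVERS = [ipaddress.ip_network("192.0.2.10/32")]

# Constructed sample: (client, server, server_port, direction, control line).
# "C" = client to server, "S" = server to client.
SAMPLE_EVENTS = [
    ("10.0.0.5", "192.0.2.10", 21, "C", "USER studio"),
    ("10.0.0.5", "192.0.2.10", 21, "S", "331 Password required"),
    ("10.0.0.5", "192.0.2.10", 21, "C", "PASS example-not-real"),
    ("10.0.0.6", "198.51.100.7", 21, "C", "USER studio"),
    ("10.0.0.6", "198.51.100.7", 21, "C", "PASS example-not-real"),
    ("10.0.0.7", "192.0.2.10", 21, "C", "AUTH TLS"),
    ("10.0.0.7", "192.0.2.10", 21, "S", "234 Proceed with negotiation"),
]

def is_trusted(server):
    addr = ipaddress.ip_address(server)
    return any(addr in net for net in TRUSTED_FTP_SERVERS)

def audit_ftp_sessions(events):
    """Return {(client, server): sorted findings} for port 21 control sessions."""
    state = defaultdict(lambda: {"auth_tls": False, "upgraded": False, "findings": set()})
    for client, server, port, direction, line in events:
        if port != 21:
            continue
        s = state[(client, server)]
        if not is_trusted(server):
            s["findings"].add("untrusted-destination")
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if direction == "C" and verb == "AUTH" and arg.strip().upper() in ("TLS", "SSL"):
            s["auth_tls"] = True
        elif direction == "S" and verb == "234" and s["auth_tls"]:
            s["upgraded"] = True  # RFC 4217: control channel is encrypted from here
        elif direction == "C" and verb in ("USER", "PASS") and not s["upgraded"]:
            # Seeing the command at all means it crossed the wire in cleartext.
            # Record the fact only; never store the argument.
            s["findings"].add("cleartext-credentials")
    return {k: sorted(v["findings"]) for k, v in state.items()}

if __name__ == "__main__":
    for (client, server), findings in audit_ftp_sessions(SAMPLE_EVENTS).items():
        print(client, "->", server, findings or ["ok"])
```

A session that upgrades with `AUTH TLS` produces no findings because the monitor never sees its login commands; any visible USER or PASS line is itself the evidence of exposure.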
- Canon Inc. / EOS Network Setting Tool for Windows: 1.5.0 or earlier
- Canon Inc. / EOS Network Setting Tool for macOS: 1.5.0 or earlier
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N