VAR-201012-0373

Vulnerability from variot - Updated: 2022-05-17 01:46

Canon EOS is a series of digital SLR cameras released by Canon. Mid- to high-end Canon digital cameras have an "Original Decision Data" (ODD) function, a digital signature that can be used to verify whether a photo has been changed, or whether its date and time stamp or GPS coordinates have been changed. However, defects in the signature scheme can lead to forgery. The second version of the Canon ODD system uses a 256-bit HMAC code. The problem is that the HMAC key is present in the camera's RAM in an obfuscated form and can be extracted. According to the Sklyarov report, the HMAC key can be extracted from the camera's flash ROM and de-obfuscated manually. Because an HMAC is a symmetric construction, anyone who holds the key can compute valid verification data for an altered file. This problem is a design flaw that cannot be fixed. According to Sklyarov, he has extracted the HMAC key from the EOS 20D, EOS 5D, EOS 30D, EOS 40D, EOS 450D, EOS 1000D, EOS 50D, EOS 5D Mark II, EOS 500D and EOS 7D series. An attacker can use these keys to modify a photo file without authorization. Multiple Canon digital cameras are prone to a vulnerability that may allow for the undetected modification of images.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201012-0373",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "eos 1000d",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 20d",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 40d",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 450d",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 500d",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 50d",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 5d",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 5d mark i i",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 7d",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "eos 7d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      },
      {
        "model": "eos 5d mark ii",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      },
      {
        "model": "eos 5d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      },
      {
        "model": "eos 50d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      },
      {
        "model": "eos 500d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      },
      {
        "model": "eos 450d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      },
      {
        "model": "eos 40d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      },
      {
        "model": "eos 20d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      },
      {
        "model": "eos 1000d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      },
      {
        "db": "BID",
        "id": "45106"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Dmitry Sklyarov",
    "sources": [
      {
        "db": "BID",
        "id": "45106"
      }
    ],
    "trust": 0.3
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Canon EOS is a series of digital SLR cameras released by Canon. Mid- to high-end Canon digital cameras have an \"Original Decision Data\" (ODD) function, a digital signature that can be used to verify whether a photo has been changed, or whether its date and time stamp or GPS coordinates have been changed. However, defects in the signature scheme can lead to forgery. The second version of the Canon ODD system uses a 256-bit HMAC code. The problem is that the HMAC key is present in the camera's RAM in an obfuscated form and can be extracted. According to the Sklyarov report, the HMAC key can be extracted from the camera's flash ROM and de-obfuscated manually. This problem is a design flaw that cannot be fixed. According to Sklyarov, he has extracted the HMAC key from the EOS 20D, EOS 5D, EOS 30D, EOS 40D, EOS 450D, EOS 1000D, EOS 50D, EOS 5D Mark II, EOS 500D and EOS 7D series. An attacker can use these keys to modify a photo file without authorization. Multiple Canon digital cameras are prone to a vulnerability that may allow for the undetected modification of images.",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      },
      {
        "db": "BID",
        "id": "45106"
      }
    ],
    "trust": 0.81
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "45106",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      },
      {
        "db": "BID",
        "id": "45106"
      }
    ]
  },
  "id": "VAR-201012-0373",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      }
    ],
    "trust": 1.3291666666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      }
    ]
  },
  "last_update_date": "2022-05-17T01:46:46.462000Z",
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 0.9,
        "url": "http://www.networkworld.com/news/2010/113010-analyst-finds-flaws-in-canon.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.canon.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      },
      {
        "db": "BID",
        "id": "45106"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      },
      {
        "db": "BID",
        "id": "45106"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-12-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      },
      {
        "date": "2010-11-30T00:00:00",
        "db": "BID",
        "id": "45106"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-12-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      },
      {
        "date": "2010-11-30T17:05:00",
        "db": "BID",
        "id": "45106"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "45106"
      }
    ],
    "trust": 0.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Canon Digital Camera HMAC Unauthorized Access Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-2979"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "45106"
      }
    ],
    "trust": 0.3
  }
}

