¼ÑÄÜEOSϵÁжà¸ö¸ßΣÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-08-13

? Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-5994£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-5998£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-5999£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-6000£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-6001£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5995£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


EOS-1DX*1 *2 EOS 6D Mark II EOS 760D EOS M5
EOS-1DX MK II*1 *2 EOS 7D Mark II*1 EOS 77D EOS M6
EOS-1DC*1 *2 EOS 70D EOS 1300D EOS M10
EOS 5D Mark IV EOS 80D EOS 2000D EOS M100
EOS 5D Mark III*1 EOS 750D EOS 4000D EOS M50
EOS 5DS*1 EOS 800D EOS R PowerShot SX70 HS
EOS 5DS R*1 EOS 200D EOS RP PowerShot SX740 HS
EOS 6D EOS 250D EOS M3 PowerShot G5X Mark II


Îó²î¸ÅÊö


Canon EOSϵÁкÍPowerShotϵÁеç×ÓÉãÏñÍ·ÖеÄPTP±£´æ»º³åÇø¹ýʧÎó²î¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÄÚ´æÉÏÖ´ÐвÙ×÷ʱ£¬Î´×¼È·ÑéÖ¤Êý¾Ý½çÏߣ¬µ¼ÖÂÏò¹ØÁªµÄÆäËûÄÚ´æλÖÃÉÏÖ´ÐÐÁ˹ýʧµÄ¶Áд²Ù×÷¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îµ¼Ö»º³åÇøÒç³ö»ò¶ÑÒç³öµÈ¡£


ÒÔϲúÆ·¼°°æ±¾Êܵ½Ó°Ï죺ʹÓÃ2.1.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS-1D X £»Ê¹ÓÃ1.1.6¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS-1D X MKII £»Ê¹ÓÃ1.4.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS-1D C £»Ê¹ÓÃ1.3.5¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 5D MARK III £»Ê¹ÓÃ1.2.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 5D MARK IV £»Ê¹ÓÃ1.1.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 5DS £»Ê¹ÓÃ1.1.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 5DS R £»Ê¹ÓÃ1.1.8¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 6D £»Ê¹ÓÃ1.0.4¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 6D MARK II £»Ê¹ÓÃ1.1.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 7D MARK II £»Ê¹ÓÃ1.1.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 70 D £»Ê¹ÓÃ1.0.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 80 D £»Ê¹ÓÃ1.1.5¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X7I / EOS D REBEL T5I / EOS 700D £»Ê¹ÓÃ1.0.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X8I / EOS D REBEL T6I / EOS 750D £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X9I / EOS D REBEL T7I / EOS 800D £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X7 / EOS D REBEL SL1 / EOS 100D £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X9 / EOS D REBEL SL2 / EOS 200D £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D £»Ê¹ÓÃ1.0.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 8000D / EOS D REBEL T6S / EOS 760D £»Ê¹ÓÃ1.0.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS 9000D / EOS 77D £»Ê¹ÓÃ1.0.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X70 / EOS D REBEL T5 / EOS 1200D £»Ê¹ÓÃ1.0.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS D REBEL T5 RE / EOS 1200D MG / EOS HI £»Ê¹ÓÃ1.1.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X80 / EOS D REBEL T6 / EOS 1300D £»Ê¹ÓÃ1.0.0 ¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D £»Ê¹ÓÃ1.0.0 ¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS D REBEL T100 / EOS 3000D / EOS 4000D £»Ê¹ÓÃ1.3.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS R £»Ê¹ÓÃ1.2.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS RP £»Ê¹ÓÃ1.2.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS RP GOLD £»Ê¹ÓÃ1.0.3¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS M2 £»Ê¹ÓÃ1.2.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS M3 £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS M5 £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS M6 £»Ê¹ÓÃ5.0.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS M6(China) £»Ê¹ÓÃ1.1.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS M10 £»Ê¹ÓÃ1.1.0¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS M100 £»Ê¹ÓÃ1.0.2¼°Ö®Ç°°æ±¾¹Ì¼þµÄEOS KISS M / EOS M50 £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄPowerShot SX740 HS £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄPowerShot SX70 HS £»Ê¹ÓÃ1.0.1¼°Ö®Ç°°æ±¾¹Ì¼þµÄPowerShot G5Xmark¡£


CVE-2019-5994  -  SendObjectInfoº¯ÊýÖеĻº³åÇøÒç³ö
CVE-2019-5998  -  NotifyBtStatusº¯ÊýÖеĻº³åÇøÒç³ö
CVE-2019-5999  -  BLERequestº¯ÊýÖеĻº³åÇøÒç³ö
CVE-2019-6000  -  SendHostInfoº¯ÊýÖеĻº³åÇøÒç³ö
CVE-2019-6001  -  SetAdapterBatteryReportº¯ÊýÖеĻº³åÇøÒç³ö
CVE-2019-5995  -  ¾²Ä¬¶ñÒâ¹Ì¼þ¸üÐÂ


Îó²îÑéÖ¤


ÔÝÎÞPOC¡¢EXP¡£


CheckPointµÄÇå¾²Ñо¿Ö°Ô±Õ¹Ê¾Á˺ڿÍʹÓÃEOS±£´æµÄÈô¸ÉÇå¾²Îó²î£¬Í¨¹ýUSBºÍWiFi¾ÙÐй¥»÷£¬ÉÏ´«ÀÕË÷Èí¼þÔ¶³ÌѬȾµ¥·´Ïà»ú£¬²¢½«Ë½ÈËÕÕƬºÍÊÓƵ¼ÓÃÜ¡£


×ðÁú¿­Ê±¡¤(ÖйúÇø)ÈËÉú¾ÍÊDz«!


×ðÁú¿­Ê±¡¤(ÖйúÇø)ÈËÉú¾ÍÊDz«!


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÖ»Ðû²¼Á˲úÆ·EOS80DµÄÉý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬ÆäËü²úÆ·µÄÉý¼¶²¹¶¡ÔÝδÐû²¼£¬ÏêÇéÇë²Î¿¼Á´½Ó£º
https://cweb.canon.jp/e-support/products/eos-d/190806dilc-firm.html


²Î¿¼Á´½Ó


https://thehackernews.com/2019/08/dslr-camera-hacking.html
https://www.canon-europe.com/support/product-security/