CVE-2026-9260
6.2 MEDIUMUse of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Published: 2026-06-16 · Last updated: 2026-06-16
Severity and scoring
- CVSS
- 6.2 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-321
Description
Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-9260
- [Other]https://canon.jp/support/support-info/260615vulnerability-response
- [Other]https://psirt.canon/advisory-information/cp2026-005/
- [Other]https://www.canon-europe.com/support/product-security/
- [Other]https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool
Related CVEs
Same CWE
- CVE-2026-34029 — The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastr...
- CVE-2026-34022 — The Wertheim SafeController Family 65000, Controller 65000 - AssemblyVersion 6.11.8130.22319, uses weak custom cryptographic algorithms w...
- CVE-2026-28742 — Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image (9.8 CRITICAL)
- CVE-2026-50091 — Aqara Home Android (com.lumiunited.aqarahome) 6.0.0 (and white-label clients embedding the same liblumidevsdk.so) uses hard-coded cryptog... (9.1 CRITICAL)
- CVE-2026-11505 — A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x (5.0 MEDIUM)