PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-9259 Canon Inc. CVE debrief

CVE-2026-9259 is a HIGH-severity vulnerability (CVSS Score: 7.1) affecting Canon EOS Network Setting Tool Version 1.5.0 or earlier. The vulnerability is caused by improper validation of server certificates.

Vendor
Canon Inc.
Product
EOS Network Setting Tool for Windows
CVSS
HIGH 7.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-16
Original CVE updated
2026-06-16
Advisory published
2026-06-16
Advisory updated
2026-06-16

Who should care

Users of Canon EOS Network Setting Tool Version 1.5.0 or earlier should be aware of this vulnerability and take necessary actions to mitigate the risk.

Technical summary

The vulnerability is caused by improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier. This could potentially allow an attacker to intercept or manipulate sensitive data.

Defensive priority

HIGH

Recommended defensive actions

  • Update Canon EOS Network Setting Tool to the latest version.
  • Refer to [ref-4](https://canon.jp/support/support-info/260615vulnerability-response) for more information.
  • Refer to [ref-5](https://psirt.canon/advisory-information/cp2026-005/) for more information.
  • Refer to [ref-6](https://www.canon-europe.com/support/product-security/) for more information.
  • Refer to [ref-7](https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool) for more information.

Evidence notes

The vendor is identified as Canon based on the evidence from reference_domain_candidate.

Official resources

CVE-2026-9259 was published on 2026-06-16T00:16:35.623Z and has not been modified since then.