Improper Certificate Validation in Canon EOS Network Setting Tool
CVE-2026-9259

7.1HIGH

Key Information:

Vendor: Canon Inc.
Status: Eos Network Setting Tool For Windows; Eos Network Setting Tool For Mac OS
Vendor: CVE Published:; 15 June 2026

What is CVE-2026-9259?

The Canon EOS Network Setting Tool, specifically in Version 1.5.0 and earlier, has a vulnerability that arises from improper validation of server certificates. This flaw can potentially allow malicious entities to intercept communications, posing risks to data integrity and user security. Users are advised to remain vigilant and update their software to the latest version to mitigate potential security threats.

Affected Version(s)

EOS Network Setting Tool for macOS 1.5.0 or earlier

EOS Network Setting Tool for Windows 1.5.0 or earlier

References

https://psirt.canon/advisory-information/cp2026-005/

vendor-advisory

https://canon.jp/support/support-info/260615vulnerability...

vendor-advisory

https://www.usa.canon.com/about-us/to-our-customers/cpa20...

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2026
Vulnerability Reserved
May 21, 2026

Credit

This issue was discovered by Ryan Hausknecht (@haus3c)

CVE-2026-9259 Data

JSON

Canon Inc.

What is CVE-2026-9259?

Affected Version(s)

References

CVSS V4

Timeline

Credit