Canon Security Advisory

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.
To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server.
The update addresses the vulnerability by modifying how Windows DNS servers handle requests.
REF: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350

Overview:
Note: This Vulnerability is currently awaiting updated analysis and represents our best knowledge as of the most recent revision. As a result, the content is subject to change as further analysis is performed and the results are updated.
Canon continues to investigate the applicability of this vulnerability to Medical Imaging Devices manufactured by Canon.

REFERENCE:
MITRE CVE-2020-1350
This vulnerability is only applicable to Microsoft Windows Server systems that are configured as DNS server. Canon does not manufacture any imaging products operating on Windows Server configured as DNS server.

Possible Affected Canon's medical products:
Affected Canon's medical products
・ None

Canon's medical products under investigation
・ None

Resolution:
・ None