Canon Security Advisory

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.
REF: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

Overview:
Note: This Vulnerability is currently awaiting updated analysis and represents our best knowledge as of the most recent revision. As a result, the content is subject to change as further analysis is performed and the results are updated.
Canon continues to investigate the applicability of this vulnerability to Medical Imaging Devices manufactured by Canon.

REFERENCE:
MITRE CVE-2020-1472
This vulnerability is only applicable to Microsoft Windows Server systems that are configured as domain controller. Canon does not manufacture any imaging products operating on Windows Server configured as domain controller.

Possible Affected Canon Products:
Affected Canon Products
・ None

Canon under investigation
・ None

Resolution:
・ None