Canon strengthens vulnerability countermeasures through CNA authorization

London, 21 February 2023 – Canon, a world-leader in imaging solutions, has strengthened its vulnerability countermeasures by being authorized as a CNA (CVE Numbering Authority).

The authorization empowers Canon to index and publish vulnerability information by assigning an internationally recognized CVE (Common Vulnerabilities and Exposures) ID to any issues discovered in Canon hardware or software.

A CVE ID is a unique identifier assigned to each vulnerability within the database managed by the CVE Program, an international initiative aimed at discovering vulnerabilities. By managing a unified system that assigns a unique CVE ID to each vulnerability, it is easier to share information and associate additional information with that vulnerability.

Canon, now authorized as a CNA, can assign and publish CVE IDs for Canon product and service vulnerabilities. This enables CVE IDs, conventionally indexed by third parties, to be identified and judged more quickly, thus helping Canon to index the product or service vulnerability. In turn, this framework is expected to make possible more prompt resolutions to security-related issues.

This news follows last year’s launch of a global Canon PSIRT (Product Security Incident Response Team) site for reporting product vulnerabilities in Canon’s consumer and B2B products, directly to Canon’s cyber security team.

Canon will continue to ensure customers can use the company's products and services with peace of mind through the strengthening of vulnerability countermeasures and continuous efforts to improve the level of security.