News Release

February 15, 2023

Canon Inc.

Canon establishes security website for gathering information on product and service vulnerabilities, strengthens vulnerability countermeasures through CNA authorization

TOKYO, February 15, 2023—Canon Inc. announced today that the company has established the Canon PSIRT (Product Security Incident Response Team), and a security website (https://psirt.canon) designed to gather and centralize information on, and respond to, product and service vulnerabilities. In addition, the company has strengthened its vulnerability countermeasures by being authorized1 as a CNA (CVE Numbering Authority), which empowers the company to index and publish vulnerability information by assigning an internationally recognized CVE (Common Vulnerabilities and Exposures) ID.

  Canon PSIRT

Canon has established the Canon PSIRT global website as a centralized point of contact for security researchers around the world to report information related to vulnerabilities discovered in Canon products and services. This will empower Canon to respond swiftly to security researchers and promote early discovery and resolution of security-related issues.
Security website Canon PSIRT2: https://psirt.canon

A CVE ID is a unique identifier assigned to each vulnerability within the database managed by the CVE Program, an international initiative aimed at discovering vulnerabilities. By managing a unified system that assigns a unique CVE ID to each vulnerability, it is easier to share information and associate additional information with that vulnerability. Canon, now authorized as a CNA, can assign and publish CVE IDs for Canon product and service vulnerabilities. This enables CVE IDs, conventionally indexed by third-parties, to be more quickly identified and judged, thus helping Canon to index the product or service vulnerability. In turn, this framework is expected to make possible more prompt resolutions to security-related issues.

Going forward, Canon will continue striving to ensure customers can use the company’s products and services with peace of mind through the strengthening of vulnerability countermeasures and continuous efforts to improve the level of security.

  • 1

    Canon Inc. received an invitation from JPCERT Coordination Center (JPCERT/CC) to apply to become a CNA and was authorized by the CVE Program.

  • 2

    As the majority of security researchers communicate in English, Canon’s security website operates with English as the standard language.