Canon Medical Systems Security Advisory

Overview:
It was announced that there is security vulnerability that affects Windows Common Log File System Driver. In case that an attacker has access and the ability to run code on the target system, attacker could elevate his/her privileges. 
REF: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969

Vulnerability Overview:
Exploiting this vulnerability in the Common Log File System (CLFS) could allow an authenticated attacker to execute code via privilege escalation. This type of vulnerability can often be exploited through some form of social engineering, such as prompting the user to open a file or click a link. As a result, a privileged user can execute code and compromise the target system.

Possible Affected Canon Medical Systems Products:
Canon Medical Systems Corporation is aware of the elevation of privilege vulnerability in Windows Common Log File System Driver, identified as CVE-2022-37969. Since an attacker must already have access and the ability to run code on the target system, it is assumed that there is unlikely to affect to our products. And we have not confirmed that this vulnerability has been exploited in our products at this time.

Canon Medical Systems Corporation continues to analyze and address potential impacts to our products and will update this security advisory as the investigation continues.

Resolution:
・ None