Again, we should stress that this is not necessarily a Canon-specific issue, as it is the Picture Transfer Protocol itself (rather than the cameras) that exhibits the security flaw. Photographers should remain vigilant and check for security updates from the manufacturers of their equipment.
Our research shows how an attacker inclose proximity (WiFi), or an attacker who already hijacked our PC (USB), can also propagate to and infect our beloved cameras with malware.
Chaining everything together requires the attacker to first set-up a rogue WiFi Access Point. Say Cheese: Ransomware-ing a DSLR Camera - Check Point Research
Seems more of a proof of concept than a realworld risk. And that will be blocked by the Canon firmware updates.