Known Vulnerabilities for products from Epson
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Epson".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Epson can be found at device.report : Epson
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-38556 json | Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer.... | 7.5 - HIGH | 2023-08-02 | 2023-08-07 |
| CVE-2023-27520 json | Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthen... | 6.5 - MEDIUM | 2023-04-11 | 2023-08-24 |
| CVE-2023-23572 json | Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacke... | 4.8 - MEDIUM | 2023-04-11 | 2023-08-24 |
| CVE-2022-36133 json | The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authentication bypas... | 9.1 - CRITICAL | 2022-11-25 | 2023-08-08 |
| CVE-2020-28931 json | Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticat... | 8.8 - HIGH | 2020-12-16 | 2020-12-17 |
| CVE-2020-28930 json | A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS ... | 5.4 - MEDIUM | 2020-12-16 | 2020-12-17 |
| CVE-2020-28929 json | Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacke... | 9.8 - CRITICAL | 2020-12-16 | 2021-07-21 |
| CVE-2020-12695 json | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription reques... | 7.5 - HIGH | 2020-06-08 | 2023-11-07 |
| CVE-2020-9453 json | In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly h... | 5.5 - MEDIUM | 2021-02-05 | 2023-02-17 |
| CVE-2020-9014 json | In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted... | 5.5 - MEDIUM | 2021-02-05 | 2023-02-03 |
| CVE-2020-6091 json | An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 980... | 9.1 - CRITICAL | 2020-05-22 | 2022-04-28 |
| CVE-2020-5681 json | Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, an... | 7.8 - HIGH | 2020-12-24 | 2020-12-30 |
| CVE-2020-5674 json | Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges ... | 7.8 - HIGH | 2020-11-24 | 2021-07-21 |
| CVE-2018-19248 json | The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA device... | 9.1 - CRITICAL | 2018-12-24 | 2020-08-24 |
| CVE-2018-19232 json | The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA device... | 7.5 - HIGH | 2018-12-24 | 2020-08-24 |
| CVE-2018-18960 json | An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. They use SNMP to find... | 5.9 - MEDIUM | 2018-12-24 | 2020-08-24 |
| CVE-2018-18959 json | An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. On the 'Air Print Set... | 7.5 - HIGH | 2018-12-24 | 2020-08-24 |
| CVE-2018-14903 json | EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attack... | 7.5 - HIGH | 2018-08-30 | 2018-11-08 |
| CVE-2018-14902 json | The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an ... | 7.5 - HIGH | 2018-08-30 | 2018-11-08 |
| CVE-2018-14901 json | The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and One... | 7.5 - HIGH | 2018-08-30 | 2019-10-03 |
Known software with vulnerabilities from Epson
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Epson | Airprint | 1-19-2018 |
| Application | Epson | Album Print | - |
| Application | Epson | Colorbase | - |
| Application | Epson | Colorio Easy Print | - |
| Application | Epson | Color Calibration Utility | - |
| Application | Epson | Connect | - |
| Application | Epson | Copy Utility | 3.4.0.0 |
| Application | Epson | Creativity Suite | - |
| Application | Epson | E-photo | - |
| Application | Epson | Easymp | 2.86 |
| Application | Epson | Easy Photo Print | - |
| Application | Epson | Easy Settings | - |
| Hardware | Epson | Eb-1470ui | - |
| Operating System | Epson | Eb-1470ui Firmware | - |
| Hardware | Epson | Ec-01 | - |
| Operating System | Epson | Ec-01 Firmware | - |
| Application | Epson | Event Manager | 2.1.0 |
| Application | Epson | Imaging Workshop | - |
| Application | Epson | Iprint | 6.6.3 |
| Application | Epson | Link2 | - |