CVE-2020-5674

🗓️ 24 Nov 2020 06:55:23Reported by jpcertType

Untrusted search path vulnerability in SEIKO EPSON installers allows privilege escalation via Trojan horse DL

Reporter	Title	Published	Views	Family All 9
CNNVD	SEIKO EPSON CORPORATION Multiple Products Code Issue Vulnerability	20 Nov 202000:00	–	cnnvd
Cvelist	CVE-2020-5674	24 Nov 202006:55	–	cvelist
EUVD	EUVD-2020-26835	7 Oct 202500:30	–	euvd
Japan Vulnerability Notes	JVN#26835001: The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries	20 Nov 202000:00	–	jvn
Japan Vulnerability Notes	The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries	20 Nov 202006:39	–	jvn
NVD	CVE-2020-5674	24 Nov 202007:15	–	nvd
Prion	Design/Logic Flaw	24 Nov 202007:15	–	prion
RedhatCVE	CVE-2020-5674	22 May 202516:26	–	redhatcve
Tenable Nessus	EPSON Printers Uncontrolled Search Path Element (CVE-2020-5674)	5 Feb 202600:00	–	nessus

NVD

Vulners

Node

epson album_printMatch-update_program

epson color_calibration_utilityMatch-

epson colorbaseMatch-

epson colorio_easy_printMatch-

epson connectMatch-

epson creativity_suiteMatch-

epson e-photoMatch-camera_raw

epson e-photoMatch-picture_motion_browser

epson easy_photo_printMatch--

epson easy_photo_printMatch-camera_raw

epson easy_settingsMatch-office

epson imaging_workshopMatch-

epson link2Match-

epson multi-print_quickerMatch-windows

epson net_configMatch-

epson net_config_seMatch-

epson net_printMatch-

epson net_software_development_kitMatch-

epson photolierMatch-

epson photoquickerMatch-

epson photostarterMatch3.1

epson pm-t990_integrated_installerMatch-windows

epson printMatch-playmemories_home

epson printMatch-silkypix

epson printMatch-viewnx

epson print_image_framer_toolMatch-

epson print_layoutMatch-photoshop

epson prolab_printMatch-

epson prolab_printMatch-camera_raw

epson remote_printer_driverMatch-

epson scan_icm_updaterMatch-

epson scanner_driverMatch-

epson web_to_pageMatch-

epson webconfigMatch-

Node

epson universal_print_driverMatch-

AND

microsoft windowsMatch-x64

microsoft windowsMatch-x86

Node

epson status_monitor_2Match-

epson status_monitor_3Match-

AND

microsoft windowsMatch-

Node

epson ec-01_firmwareMatch-

AND

epson ec-01Match-

Node

epson print_image_framer_toolMatch-

AND

microsoft windows_98Match-

microsoft windows_meMatch-

[
  {
    "product": "the installers of multiple SEIKO EPSON products",
    "vendor": "SEIKO EPSON CORPORATION",
    "versions": [
      {
        "status": "affected",
        "version": "A wide range of versions for the following products are affected -- Epson Web Installer, EPSON printer drivers, EPSON scanner drivers, EPSON Scan ICM Updaters, EPSON Printer Window!3, EPSON Printer Window!2 Firmware update programs, Network configuration utilities, Network print port monitors, Printer monitor SDK, Colorio series, Large-size printer related software, Laser printers, Copy station related software, Dot impact printer related software, Disk duplicator related software, CRYSTARIO related software, SureLab related software, Offirio Synergyware related software, Scanner related software, Digital cameras and Photo viewers related software, Projector related software, and PULSENSE and WristableGPS related software"
      }
    ]
  }
]

Source	Link
epson	www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf
jvn	www.jvn.jp/en/jp/JVN26835001/index.html
epson	www.epson.jp/support/misc_t/201119_oshirase.htm

21 Nov 2024 05:34Current

7.7High risk

Vulners AI Score7.7

CVSS 24.4

CVSS 3.17.8

EPSS0.00082

CWE-427