CVE-2025-42598

CveFindCom

[CVE-2025-42598: HIGH] SEIKO EPSON printer drivers for Windows have a security flaw allowing attackers to execute code on a system if a user is tricked into placing a malicious DLL file.#cve,CVE-2025-42598,#cybersecurity https://t.co/fKuO5PnjCt

syedaquib77

Vulnerability Alert: Seiko Epson Windows Printer Driver Improper File Access Permission Vulnerability Timeline: Disclosure: 2025-04-28, Patch: Not Specified Attribution: Private security researcher Erkan Ekici CVE: [CVE-2025-42598] BaseScore: [8.4] CVSS Metrics: [AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N] cvssSeverity: High EPSS Percentile: 0% ExploitMaturity: Not Available AffectedVersions: [] FixedVersions: [Epson Printer Driver Security Support Tool] Attack Vectors: - Arbitrary code execution (SYSTEM privileges) Summary: Seiko Epson's Windows printer drivers are vulnerable to improper file access permissions (CWE-276) when installed or used in a language environment other than Japanese. This vulnerability could allow arbitrary code execution with SYSTEM privileges on the affected Windows system. Exploitation requires a user to place a specially crafted DLL file in a location intended by an attacker. The vulnerability is reported by private security researcher Erkan Ekici. Impact Scope: Allows execution of arbitrary code leading to potential system takeover. Recommended Actions: - Apply the Epson Printer Driver Security Support Tool to adjust folder permissions and mitigate this vulnerability. Related Resources: - https://t.co/vZqgMbyXJU Tags: #SeikoEpson #PrinterDriver #Windows #ImproperAccessControl #CWE-276 #CVSSHigh #CVE-2025-42598 #Cybersecurity