Japan Vulnerability NotesJVN:61337171JVN#61337171: SEIKO EPSON printer Web Config vulnerable to denial-of-service (DoS)
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
53.9%
SEIKO EPSON printer Web Config contains a denial-of-service (DoS) vulnerability due to improper input validation (CWE-20).
Impact
The printer may be turned off by a remote attacker.
Solution
Apply workarounds
The developer strongly recommends users to apply workarounds, as the update firmware for the printers is not planned to be released.
For more information, refer to the information provided by the developer.
Products Affected
- Web Config
Web Config is software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser.
Web Config is pre-installed on some printers provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the developer.
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
53.9%