34 matches found
CVE-2026-23767
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection...
CVE-2025-4960
The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...
CVE-2025-4960 macOS Local Privilege Escalation via Improper Authorization Handling in EPSON Printer Controller Installer
The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...
CVE-2025-4960
CVE-2025-4960 affects macOS via the EPSON printer driver installer’s com.epson.InstallNavi.helper, which exposes privileged functionality due to improper authorization handling and weak client authentication over XPC. The API flow uses overly permissive custom rights registered in /var/db/auth.db...
EPSON Printer Controller Installer 安全漏洞
EPSON Printer Controller Installer is a printer driver installation software developed by EPSON, a Japanese company. The EPSON Printer Controller Installer has a security vulnerability, which stems from improper client authentication using the XPC protocol and incorrect execution of the macOS...
CVE-2020-36984
EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files x86\EPSONP2B\Printer Software\Status Monitor\ to inject malicious executables...
CVE-2020-36984 EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path
EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files x86\EPSONP2B\Printer Software\Status Monitor\ to inject malicious executables...
Epson printer code issue vulnerabilities
The Epson printer is a product of the Japanese company Epson. The Epson Printer 1.124 version has a code vulnerability. This vulnerability stems from an issue with the SENADB service, where a service path is not enclosed in quotes, which may allow code to be executed with elevated system privileg...
EUVD-2018-6785
Malware in sbrugna...
EUVD-2004-1108
Malware in sbrugna...
EUVD-2025-12570
Malicious code in bioql PyPI...
EUVD-2023-42355
Malicious code in bioql PyPI...
CVE-2023-38556
Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer. Note Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is pre-installed in som...
CVE-2025-42598
Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may execute arbitrary cod...
CVE-2025-42598
Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may execute arbitrary cod...
CVE-2025-42598
Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may execute arbitrary cod...
CVE-2025-42598
CVE-2025-42598 affects multiple SEIKO EPSON printer drivers for Windows. The issue stems from improper access permission settings in non‑English environments, enabling a user‑driven attack to place a crafted DLL in an attacker‑controlled location and execute arbitrary code with SYSTEM privileges ...
CVE-2025-42598
Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may execute arbitrary cod...
PT-2025-18052 · Seiko Epson · Seiko Epson Printer Drivers
Name of the Vulnerable Software and Affected Versions: SEIKO EPSON printer drivers for Windows affected versions not specified Description: The issue concerns multiple SEIKO EPSON printer drivers for Windows OS, which are configured with improper access permission settings when installed or used ...
CVE-2019-20460
An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't require anti-CSRF tokens or other mechanisms for validating that the request is from a legitimate source. In addition, CSRF attacks can be used to send text directly to the RAW printer interface. For...