Epson
Products by Epson Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 4 vulnerabilities in Epson with an average score of 7.8 out of ten. Last year, in 2025 Epson had 1 security vulnerability published. That is, 3 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 4 | 7.80 |
| 2025 | 1 | 0.00 |
| 2024 | 3 | 8.67 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 2 | 0.00 |
| 2020 | 2 | 7.80 |
| 2019 | 0 | 0.00 |
| 2018 | 3 | 6.10 |
It may take a day or so for new Epson vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Epson Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2025-4960 | Feb 19, 2026 | Epson InstallNavi Helper Local Priv Esc via XPC on macOS: The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS's authorization model, exposing privileged functionality to untrusted users. Although it invokes the AuthorizationCopyRights API, it does so using overly permissive custom rights that it registers in the system's authorization database (/var/db/auth.db). These rights can be requested and granted by the authorization daemon to any local user, regardless of privilege level. As a result, an attacker can exploit the vulnerable service to perform privileged operations such as executing arbitrary commands or installing system components without requiring administrative credentials. | |
| CVE-2020-37064 | Feb 01, 2026 | EPSON EasyMP NP 2.81 Unquoted Service Path Vulnerability (LocalSystem): EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMP_NSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\ to inject malicious code that would execute with LocalSystem privileges. | |
| CVE-2020-36984 | Jan 28, 2026 | EPSON SENADB Unquoted Path Exec (1.124): EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\ to inject malicious executables that will run with LocalSystem permissions. | |
| CVE-2021-47898 | Jan 23, 2026 | Epson USB Display 1.6.0.0 Unquoted Svc Path Vulnerability (EMP_UDSA): Epson USB Display 1.6.0.0 contains an unquoted service path vulnerability in the EMP_UDSA service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in intermediate directories to gain elevated system access. | |
| CVE-2023-7326 | Nov 12, 2025 | Epson Stylus SX510W Web Mgmt DDoS via Malformed Query Param: The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory handling, resulting in the printer process shutting down or powering off, causing a denial of service condition. | |
| CVE-2019-20460 | Nov 07, 2024 | Epson XP255 CSRF Print Spoofing: An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't require (anti-)CSRF tokens or other mechanisms for validating that the request is from a legitimate source. In addition, CSRF attacks can be used to send text directly to the RAW printer interface. For example, an attack could deliver a worrisome printout to an end user. | |
| CVE-2019-20458 | Nov 07, 2024 | Epson XP255 20.08 Unauthenticated Admin Access: An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes (and functions) without a password. The user is at no point prompted to set up a password on the device (leaving a number of devices without a password). In this case, anyone connecting to the web admin panel is capable of becoming admin without using any credentials. | |
| CVE-2019-20459 | Nov 07, 2024 | Epson XP255 SNMPv1 Community String Vulnerability: An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. With the SNMPv1 public community, all values can be read, and with the epson community, all the changeable values can be written/updated, as demonstrated by permanently disabling the network card or changing the DNS servers. | |
| CVE-2020-9453 | Feb 05, 2021 | In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer dereference.) This affects \Device\EMPMPAUIO and \DosDevices\EMPMPAU. | |
| CVE-2020-9014 | Feb 05, 2021 | In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A. \Device\EMPNSAUIO and \DosDevices\EMPNSAU are similarly affected. | |
| CVE-2020-5674 | Nov 24, 2020 | Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | And others... |
| CVE-2020-12695 | Jun 08, 2020 | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | And others... |
| CVE-2018-14901 | Aug 30, 2018 | The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services. | |
| CVE-2018-14902 | Aug 30, 2018 | The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents. | |
| CVE-2018-5550 | Feb 08, 2018 | Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user. | |