Epson Epson

Do you want an email whenever new security vulnerabilities are reported in any Epson product?

Products by Epson Sorted by Most Security Vulnerabilities since 2018

Epson Iprint2 vulnerabilities

Epson Iprojection2 vulnerabilities

Epson Print Layout1 vulnerability

Epson Print1 vulnerability

Epson Prolab Print1 vulnerability

Epson Scan Icm Updater1 vulnerability

Epson Scanner Driver1 vulnerability

Epson Web To Page1 vulnerability

Epson Webconfig1 vulnerability

Epson Xp 1001 vulnerability

Epson Xp 21011 vulnerability

Epson Xp 21051 vulnerability

Epson Xp 2411 vulnerability

Epson Xp 3201 vulnerability

Epson Xp 3301 vulnerability

Epson Xp 3401 vulnerability

Epson Xp 41001 vulnerability

Epson Xp 41051 vulnerability

Epson Xp 4401 vulnerability

Epson Xp 6201 vulnerability

Epson Xp 6301 vulnerability

Epson Xp 7021 vulnerability

Epson Xp 85001 vulnerability

Epson Xp 86001 vulnerability

Epson Xp 9601 vulnerability

Epson Xp 9701 vulnerability

Epson Link21 vulnerability

Epson Album Print1 vulnerability

Epson Colorbase1 vulnerability

Epson Colorio Easy Print1 vulnerability

Epson Connect1 vulnerability

Epson Creativity Suite1 vulnerability

Epson E Photo1 vulnerability

Epson Easy Photo Print1 vulnerability

Epson Easy Settings1 vulnerability

Epson Ep 1011 vulnerability

Epson Ew M970a3t1 vulnerability

Epson Imaging Workshop1 vulnerability

Epson M571t1 vulnerability

Epson Multi Print Quicker1 vulnerability

Epson Net Config1 vulnerability

Epson Net Config Se1 vulnerability

Epson Net Print1 vulnerability

Epson Photolier1 vulnerability

Epson Photoquicker1 vulnerability

Epson Photostarter1 vulnerability

Epson Airprint1 vulnerability

By the Year

In 2022 there have been 0 vulnerabilities in Epson . Last year Epson had 2 security vulnerabilities published. Right now, Epson is on track to have less security vulnerabilities in 2022 than it did last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 2 5.50
2020 2 7.65
2019 0 0.00
2018 3 7.03

It may take a day or so for new Epson vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Epson Security Vulnerabilities

In Epson iProjection v2.30, the driver file EMP_MPAU.sys

CVE-2020-9453 5.5 - Medium - February 05, 2021

In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer dereference.) This affects \Device\EMPMPAUIO and \DosDevices\EMPMPAU.

NULL Pointer Dereference

In Epson iProjection v2.30, the driver file (EMP_NSAU.sys)

CVE-2020-9014 5.5 - Medium - February 05, 2021

In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A. \Device\EMPNSAUIO and \DosDevices\EMPNSAU are similarly affected.

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products

CVE-2020-5674 7.8 - High - November 24, 2020

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Untrusted Path

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL

CVE-2020-12695 7.5 - High - June 08, 2020

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

Incorrect Default Permissions

The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox

CVE-2018-14901 7.5 - High - August 30, 2018

The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.

Use of Hard-coded Credentials

The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access

CVE-2018-14902 7.5 - High - August 30, 2018

The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents.

Information Disclosure

Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can

CVE-2018-5550 6.1 - Medium - February 08, 2018

Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user.

XSS

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.