CVE-2020-5674

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
VendorProductVersion
epsonalbum_print
-
epsoncolor_calibration_utility
-
epsoncolorbase
-
epsoncolorio_easy_print
-
epsonconnect
-
epsoncreativity_suite
-
epsone-photo
-
epsone-photo
-
epsoneasy_photo_print
-
epsoneasy_photo_print
-
epsoneasy_settings
-
epsonimaging_workshop
-
epsonlink2
-
epsonmulti-print_quicker
-
epsonnet_config
-
epsonnet_config_se
-
epsonnet_print
-
epsonnet_software_development_kit
-
epsonphotolier
-
epsonphotoquicker
-
epsonphotostarter
3.1
epsonpm-t990_integrated_installer
-
epsonprint
-
epsonprint
-
epsonprint
-
epsonprint_image_framer_tool
-
epsonprint_layout
-
epsonprolab_print
-
epsonprolab_print
-
epsonremote_printer_driver
-
epsonscan_icm_updater
-
epsonscanner_driver
-
epsonweb_to_page
-
epsonwebconfig
-
epsonuniversal_print_driver
-
epsonstatus_monitor_2
-
epsonstatus_monitor_3
-
epsonec-01_firmware
-
epsonprint_image_framer_tool
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://jvn.jp/en/jp/JVN26835001/index.html
https://www.epson.jp/support/misc_t/201119_oshirase.htm
https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf
https://jvn.jp/en/jp/JVN26835001/index.html
https://www.epson.jp/support/misc_t/201119_oshirase.htm
https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf