CVE-2024-47295
8.1
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Insecure initial password configuration issue in SEIKO EPSON Web Config allows a remote unauthenticated attacker to set an arbitrary password and operate the device with an administrative privilege. As for the details of the affected versions, see the information provided by the vendor under [References].
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SEIKO EPSON CORPORATION | Web Config | See the information/details provided by the vendor | affected |
Weaknesses
- CWE-1188: Initialization of a resource with an insecure default
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://epson.com/Support/wa00958
- https://www.epson.jp/support/misc_t/240930_03_oshirase.htm
- https://jvn.jp/en/vu/JVNVU95133448/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.