CVE-2025-42598

Summary

Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may execute arbitrary code with SYSTEM privilege on a Windows system on which the printer driver is installed.

Affected Software

VendorProductVersion RangeStatus
SEIKO EPSON CORPORATIONSEIKO EPSON printer drivers for Windows OSsee the information provided by SEIKO EPSON CORPORATION.affected

Weaknesses

  • CWE-276: Incorrect default permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References