CVE-2025-64310

Summary

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack.

Affected Software

VendorProductVersion RangeStatus
SEIKO EPSON CORPORATIONEPSON WebConfig for SEIKO EPSON Projector Productssee the information provided by the vendoraffected
SEIKO EPSON CORPORATIONEpson Web Control for SEIKO EPSON Projector Productssee the information provided by the vendoraffected

Weaknesses

  • CWE-307: Improper restriction of excessive authentication attempts

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References