Epson Devices Vulnerability Let Attackers Create Rogue Admin Accounts

A newly disclosed security vulnerability, CVE-2024-47295, has been found in several Epson devices, including printers, scanners, and network interface products.

The flaw allows attackers to exploit a critical configuration oversight that could result in unauthorized control of affected devices.

Vulnerability Description – CVE-2024-47295

The vulnerability arises when the administrator password on an Epson device is left blank.

If accessed via the Web Config interface, attackers could set up a rogue administrator account, granting them complete control over the device.

Build an in-house SOC or outsource SOC-as-a-Service -> Calculate Costs

This could lead to unauthorized use, data breaches, or even further exploitation of the device within a network.

As per reports from Epson, while there are currently no reports of this vulnerability being actively exploited in the wild, the potential consequences are significant.

A third party gaining remote control of these devices could manipulate settings, access sensitive information, or use the device as a foothold in a broader network.

Given the widespread use of Epson products in both consumer and business environments, this vulnerability poses a severe risk if left unaddressed.

Affected Products

The vulnerability affects a wide range of Epson devices, including:

Product CategoryExamples
Inkjet PrintersConsumer and office models across various lines
Laser PrintersMonochrome and color laser models
Impact PrintersDot-matrix, line printers, and other impact printing devices
Large Format PrintersPrinters used in professional and industrial applications
Photo PrintersHigh-resolution photo printing devices
Mini Lab ProductsCompact, specialized devices for photo printing
ScannersDocument and photo scanners
Network Interface ProductsDevices used to connect printers and scanners to networks

To mitigate the threat of CVE-2024-47295, Epson urges all users to configure a strong administrator password immediately. The company emphasizes the importance of following industry-standard security practices, including:

  • Replacing default passwords with strong, unique passwords.
  • Ensuring that devices are behind a firewall.
  • Regularly updating device firmware and monitoring for security advisories.

While this vulnerability has not yet been exploited, Epson users are urged to secure their devices and prevent potential attacks immediately.

Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!

Dhivya
Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.