A newly disclosed security vulnerability, CVE-2024-47295, has been found in several Epson devices, including printers, scanners, and network interface products.
The flaw allows attackers to exploit a critical configuration oversight that could result in unauthorized control of affected devices.
The vulnerability arises when the administrator password on an Epson device is left blank.
If such a device is then accessed via the Web Config interface, an attacker could set up a rogue administrator account, gaining complete control over the device.
This could lead to unauthorized use, data breaches, or even further exploitation of the device within a network.
According to Epson, there are currently no reports of this vulnerability being actively exploited in the wild, but the potential consequences are significant.
A third party gaining remote control of these devices could manipulate settings, access sensitive information, or use the device as a foothold in a broader network.
Given the widespread use of Epson products in both consumer and business environments, this vulnerability poses a severe risk if left unaddressed.
Affected Products
The vulnerability affects a wide range of Epson devices, including:
| Product Category | Examples |
| --- | --- |
| Inkjet Printers | Consumer and office models across various lines |
| Laser Printers | Monochrome and color laser models |
| Impact Printers | Dot-matrix, line printers, and other impact printing devices |
| Large Format Printers | Printers used in professional and industrial applications |
| Photo Printers | High-resolution photo printing devices |
| Mini Lab Products | Compact, specialized devices for photo printing |
| Scanners | Document and photo scanners |
| Network Interface Products | Devices used to connect printers and scanners to networks |
To mitigate the threat of CVE-2024-47295, Epson urges all users to configure a strong administrator password immediately. The company emphasizes the importance of following industry-standard security practices, including:
While this vulnerability has not yet been exploited, Epson users are urged to secure their devices immediately to prevent potential attacks.