Vulnerability Reference: CVE-2024-47295
Description: If the administrator password on the affected product is left blank (not set)
and the device is accessed via Web Config, it’s possible to setup an administrator
password on the device.
Impact: This may allow a malicious third party to take over the device and operate it remotely. Currently, there are no reports of attacks exploiting this vulnerability.
Solution:
Connecting to Internet
The product should not be directly connected to the Internet and should be installed in a network protected by a firewall.
Administrator Password
Set an administrator password during the initial setup of the device. Password should be 8 characters or more, consist of upper/lower case, alphanumeric and symbols.
For more information on securing your Epson product, visit our Security Guidebook
Affected Products