9.8критическая
CVE-2026-23767
Описание
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Затрагиваемое ПО
Epson Sb-h50 firmwareEpson Sb-h50Epson Tm-h6000v firmwareEpson Tm-h6000vEpson Tm-l100 firmwareEpson Tm-l100Epson Tm-m10 firmwareEpson Tm-m10Epson Tm-m30 firmwareEpson Tm-m30Epson Tm-m30ii firmwareEpson Tm-m30iiEpson Tm-m30ii-h firmwareEpson Tm-m30ii-hEpson Tm-m30ii-s firmwareEpson Tm-m30ii-sEpson Tm-m30ii-sl firmwareEpson Tm-m30ii-slEpson Tm-m30iii firmwareEpson Tm-m30iiiEpson Tm-m30iii-h firmwareEpson Tm-m30iii-hEpson Tm-m55 firmwareEpson Tm-m55Epson Tm-p20ii firmware
CVSS
| Балл | 9.8 — критическая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Источники
https://download4.epson.biz/sec_pubs/bs/pdf/IP_Filtering_Guide_en_revA.pdfhttps://jvn.jp/en/ta/JVNTA97995322/https://www.epson.jp/support/misc_t/260305_oshirase.htm