CVE-2020-5674

HIGH

SEIKO EPSON - Privilege Escalation

Title source: llm

Description

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

References (3)

Scores

CVSS v3 7.8
EPSS 0.0008
EPSS Percentile 23.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-427
Status published

Affected Products (38)

epson/album_print
epson/color_calibration_utility
epson/colorbase
epson/colorio_easy_print
epson/connect
epson/creativity_suite
epson/e-photo
epson/e-photo
epson/easy_photo_print
epson/easy_photo_print
epson/easy_settings
epson/imaging_workshop
epson/link2
epson/multi-print_quicker
epson/net_config
... and 23 more

Timeline

Published Nov 24, 2020
Tracked Since Feb 18, 2026