CVE-2025-35970

HIGH

SEIKO EPSON/FUJIFILM - Info Disclosure

Title source: llm

Description

On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.

References (3)

[Various Sources] https://global.fujifilm.com/en/news/hq/697e

[Third Party Advisory] https://jvn.jp/en/vu/JVNVU91363496/

[Various Sources] https://www.epson.jp/support/misc_t/250807_oshirase.htm

Scores

CVSS v3 7.5

EPSS 0.0006

EPSS Percentile 19.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-1391

Status draft

Timeline

Published Aug 07, 2025

Tracked Since Feb 18, 2026