Description
On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.
References (3)
Core 3
Core References
Various Sources
https://global.fujifilm.com/en/news/hq/697e
Various Sources
https://www.epson.jp/support/misc_t/250807_oshirase.htm
Third Party Advisory
https://jvn.jp/en/vu/JVNVU91363496/
Scores
CVSS v3
7.5
EPSS
0.0042
EPSS Percentile
33.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-1391
Status
published
Products (2)
FUJIFILM Corporation/FRONTIER DX400W
all versions
SEIKO EPSON/Multiple EPSON product
see the information provided by the vendor
Published
Aug 07, 2025
Tracked Since
Feb 18, 2026