A vulnerability has been identified in some Epson printers and network interface products in software (Web Config*) that can check the status of the product itself or change settings on a Web browser.
* Web Config allows you to check the status of the product or change the settings by entering the IP address of the product in the URL field on a web browser such as Edge or Safari. Web Config may be referred to as Remote Manager in some products.
The following two vulnerabilities have been identified.
Currently, there are no reports of attacks exploiting this vulnerability.
PRODUCT NAME | XSS VULNERABILITY | CSRF VULNERABILITY | COUNTERMEASURE | SCHEDULED RELEASE |
SC-T3200 Series | Not applicable | Applicable | Apply firmware | DN015N5 (MP33.0) T/I Release: 15 June, 2023 T/I No.: PR23-FWE-0355 [A] |
SC-T5200 Series | Not applicable | Applicable | Apply firmware | DM015N5 (MP33.0) T/I Release: 15 June, 2023 T/I No.: PR23-FWE-0355 [A] |
SC-T7200 Series | Not applicable | Applicable | Apply firmware | DW015N5 (MP33.0) T/I Release: 15 June, 2023 T/I No.: PR23-FWE-0355 [A] |
SC-T5200D Series | Not applicable | Applicable | Apply firmware | MM015N5 (MP33.0) T/I Release: 15 June, 2023 T/I No.: PR23-FWE-0356 [A] |
SC-T7200D Series | Not applicable | Applicable | Apply firmware | MW015N (MP33.0) T/I Release: 15 June, 2023 T/I No.: PR23-FWE-0356 [A] |
SC-P5000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: N027N2 (MP10.0) T/I Release: 5 April, 2023 T/I No.: PR23-FWE-0010 |
SC-P7000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: LN002N6 (MP24.0) T/I Release: 4 July, 2023 T/I No.: PR23-FWE-0497 [A] |
SC-P9000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: LW002N6 (MP24.0) T/I Release: 4 July, 2023 T/I No.: PR23-FWE-0497 [A] |
SC-P6000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: NN002N6 (MP24.0) T/I Release: 4 July, 2023 T/I No.: PR23-FWE-0497 [A] |
SC-P8000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: NW002N6 (MP24.0) T/I Release: 4 July, 2023 T/I No.: PR23-FWE-0497 [A] |
SC-P20000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: FW026N6 (MP28.0) T/I Release: 13 July, 2023 T/I No.: PR23-FWE-0558 [A] |
SC-S80600 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: SA011MB(MP18.1) T/I Release: 31 March, 2023 T/I No.: PR22-FWE-1967 |
SC-S60600 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: HA027K2(MP16.2) T/I Release: 31 March, 2023 T/I No.: PR22-FWE-1968 |
SC-S40600 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: BA027K2(MP16.2) T/I Release: 30 March, 2023 T/I No.: PR22-FWE-1963 |
SC-S60600L Series | Not applicable | Applicable | Apply firmware | F/W Ver.: HC001LA(MP5.1) T/I Release: 31 March, 2023 T/I No.: PR22-FWE-1970 |
SC-S80600L Series | Not applicable | Applicable | Apply firmware | F/W Ver.: SC024M3(MP6.2) T/I Release: 31 March, 2023 T/I No.: PR22-FWE-1969 |
SC-F7200 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: CO011LA(MP9.1) T/I Release: 31 March, 2023 T/I No.: PR22-FWE-1972 |
SC-F6300 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: PR026KB (MP4.4), Network FW 01.19 T/I Release: 20 Sept, 2023 T/I No.: PR23-FWE-0928[A] |
SC-F9400 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: MT026L5(MP3.1) T/I Release: 31 March, 2023 T/I No.: PR22-FWE-1971 |
SC-F9400H Series | Not applicable | Applicable | Apply firmware | F/W Ver.: MU026L5(MP3.1) T/I Release: 31 March, 2023 T/I No.: PR22-FWE-1971 |
SC-F2100 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: LA015K4 (MP4.1), Network FW 01.06 T/I Release: 1 August, 2023 T/I No.: PR23-FWE-0674 [A] |
SC-T3100X Series | Not applicable | Applicable | Apply firmware | F/W Ver.: LC22N8 (MP2.72) T/I Release: 12 Sept, 2023 T/I No.: PR23-FWE-0831 [A] |
SC-F500 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: LS23N8 (MP7.82) T/I Release: 13 Sept, 2023 T/I No.: PR23-FWE-0823 [A] |
SC-F501 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: LS23N8 (MP7.82) T/I Release: 13 Sept 2023 T/I No.: PR23-FWE-0823 [A] |
SC-T3100,SC-T3100N Series | Not applicable | Applicable | Apply firmware | TBD 2023 November (Plan) |
SC-T5100,SC-T5100N Series | Not applicable | Applicable | Apply firmware | TBD 2023 November (Plan) |
SC-T2100 Series | Not applicable | Applicable | Apply firmware | TBD 2023 November (Plan) |
SC-T3400,SC-T3400N Series | Not applicable | Applicable | Apply firmware | TBD 2024 January (Plan) |
SC-T5400 Series | Not applicable | Applicable | Apply firmware | TBD 2024 January (Plan) |
SC-T3405,SC-T3405N Series | Not applicable | Applicable | Apply firmware | TBD 2024 January (Plan) |
SC-T5405 Series | Not applicable | Applicable | Apply firmware | TBD 2024 January (Plan) |
TM-C7500 | Not applicable | Applicable | Apply firmware | F/W Ver.: WAI34400 T/I Release: 27 March, 2023 T/I No.: TIE06224A |
TM-C3500 | Not applicable | Applicable | Apply firmware | F/W Ver.: WAM32500 T/I Release: 27 March, 2023 T/I No.: TIE06222A |
TM-C3400 | Not applicable | Applicable | Workaround | ― |
TM-C610 | Not applicable | Applicable | Workaround | ― |
PX-B510 | Not applicable | Applicable | Workaround | ― |
PX-B500 | Not applicable | Applicable | Workaround | ― |
StylusPro3800 | Not applicable | Applicable | Workaround | ― |
StylusPro3800C | Not applicable | Applicable | Workaround | ― |
StylusPro3850 | Not applicable | Applicable | Workaround | ― |
StylusPro3880 | Not applicable | Applicable | Workaround | ― |
StylusPro3885 | Not applicable | Applicable | Workaround | ― |
StylusPro3890 | Not applicable | Applicable | Workaround | ― |
StylusPhotoR3000 | Not applicable | Applicable | Workaround | ― |
StylusPhotoR2000 | Not applicable | Applicable | Workaround | ― |
SC-P400 Series | Not applicable | Applicable | Workaround | ― |
SC-P600 Series | Not applicable | Applicable | Workaround | ― |
SC-P800 Series | Not applicable | Applicable | Workaround | ― |
StylusPro4450 | Not applicable | Applicable | Workaround | ― |
StylusPro4880 | Not applicable | Applicable | Workaround | ― |
StylusPro4880C | Not applicable | Applicable | Workaround | ― |
StylusPro7450 | Not applicable | Applicable | Workaround | ― |
StylusPro7880 | Not applicable | Applicable | Workaround | ― |
StylusPro7880C | Not applicable | Applicable | Workaround | ― |
StylusPro9450 | Not applicable | Applicable | Workaround | ― |
StylusPro9880 | Not applicable | Applicable | Workaround | ― |
StylusPro9880C | Not applicable | Applicable | Workaround | ― |
StylusPro11880 | Not applicable | Applicable | Workaround | ― |
StylusPro11880C | Not applicable | Applicable | Workaround | ― |
StylusProGS6000 | Not applicable | Applicable | Workaround | ― |
StylusProWT7900 | Not applicable | Applicable | Workaround | ― |
StylusProWT7910 | Not applicable | Applicable | Workaround | ― |
StylusPro7700 | Not applicable | Applicable | Workaround | ― |
StylusPro7710 | Not applicable | Applicable | Workaround | ― |
StylusPro7700M | Not applicable | Applicable | Workaround | ― |
StylusPro7710M | Not applicable | Applicable | Workaround | ― |
StylusPro9700 | Not applicable | Applicable | Workaround | ― |
StylusPro9710 | Not applicable | Applicable | Workaround | ― |
StylusPro4900 | Not applicable | Applicable | Workaround | ― |
StylusPro4910 | Not applicable | Applicable | Workaround | ― |
StylusPro7890 | Not applicable | Applicable | Workaround | ― |
StylusPro7908 | Not applicable | Applicable | Workaround | ― |
StylusPro7900 | Not applicable | Applicable | Workaround | ― |
StylusPro7910 | Not applicable | Applicable | Workaround | ― |
StylusPro9890 | Not applicable | Applicable | Workaround | ― |
StylusPro9908 | Not applicable | Applicable | Workaround | ― |
StylusPro9900 | Not applicable | Applicable | Workaround | ― |
StylusPro9910 | Not applicable | Applicable | Workaround | ― |
SC-T3000 Series | Not applicable | Applicable | Workaround | ― |
SC-T5000 Series | Not applicable | Applicable | Workaround | ― |
SC-T7000 Series | Not applicable | Applicable | Workaround | ― |
SC-P10000 Series | Not applicable | Applicable | Workaround | ― |
SC-S30600 Series | Not applicable | Applicable | Workaround | ― |
SC-S50600 Series | Not applicable | Applicable | Workaround | ― |
SC-S70600 Series | Not applicable | Applicable | Workaround | ― |
SC-F6000 Series | Not applicable | Applicable | Workaround | ― |
SC-F7000 Series | Not applicable | Applicable | Workaround | ― |
SC-F7100 Series | Not applicable | Applicable | Workaround | ― |
SC-F6200 Series | Not applicable | Applicable | Workaround | ― |
SC-F9200 Series | Not applicable | Applicable | Workaround | ― |
SC-F9300 Series | Not applicable | Applicable | Workaround | ― |
SC-F2000 Series | Not applicable | Applicable | Workaround | ― |
StylusPro9860 | Not applicable | Applicable | Workaround | ― |
StylusPro9906D | Not applicable | Applicable | Workaround | ― |
SC-B7000 Series | Not applicable | Applicable | Workaround | ― |
AcuLaser 2600N | Applicable | Applicable | Workaround | ― |
AcuLaser C1900 | Applicable | Applicable | Workaround | ― |
AcuLaser C2000 | Applicable | Applicable | Workaround | ― |
AcuLaser C2600N | Applicable | Applicable | Workaround | ― |
AcuLaser C2800DN | Applicable | Applicable | Workaround | ― |
AcuLaser C2800N | Applicable | Applicable | Workaround | ― |
AcuLaser C3800DN | Applicable | Applicable | Workaround | ― |
AcuLaser C3800N | Applicable | Applicable | Workaround | ― |
AcuLaser C4000 | Applicable | Applicable | Workaround | ― |
AcuLaser C4100 | Applicable | Applicable | Workaround | ― |
AcuLaser C4200DN | Applicable | Applicable | Workaround | ― |
AcuLaser C8500 | Applicable | Applicable | Workaround | ― |
AcuLaser C9000 | Applicable | Applicable | Workaround | ― |
AcuLaser C9100 | Applicable | Applicable | Workaround | ― |
AcuLaser C9200N | Applicable | Applicable | Workaround | ― |
AcuLaser C9300N | Applicable | Applicable | Workaround | ― |
AcuLaser CX28DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2000DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2010DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2300DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2310DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2400DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2410DN | Applicable | Applicable | Workaround | ― |
AcuLaser M4000N | Applicable | Applicable | Workaround | ― |
AcuLaser M7000N | Applicable | Applicable | Workaround | ― |
AcuLaser M8000N | Applicable | Applicable | Workaround | ― |
AcuLaser MX20DN | Applicable | Applicable | Workaround | ― |
AcuLaser MX21DNF | Applicable | Applicable | Workaround | ― |
AL-C500DN | Applicable | Applicable | Workaround | ― |
EPL-5700 | Applicable | Applicable | Workaround | ― |
EPL-C8200 | Applicable | Applicable | Workaround | ― |
EPL-N2000 | Applicable | Applicable | Workaround | ― |
EPL-N2000K | Applicable | Applicable | Workaround | ― |
EPL-N2050 | Applicable | Applicable | Workaround | ― |
EPL-N2050+ | Applicable | Applicable | Workaround | ― |
EPL-N2700 | Applicable | Applicable | Workaround | ― |
EPL-N2750 | Applicable | Applicable | Workaround | ― |
EPL-N3000 | Applicable | Applicable | Workaround | ― |
EPL-N4000 | Applicable | Applicable | Workaround | ― |
EPL-N4000+ | Applicable | Applicable | Workaround | ― |
EPL-N7000 | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base TX USB Print Server (C82402*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base TX USB Print Server (C82403*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx High Speed Int.Print Server (C82405*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11g wireless Ext. Print Server (C82422*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Int. Print Server 5 (C82434*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Int. Print Server 5e (C82435*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11b/g Wireless and 10/100 Base Tx Ext. Print Server (C82437*) |
Applicable | Applicable | Workaround | ― |
EpsonNet Authentication Print (C82440*) |
Applicable | Applicable | Workaround | ― |
EpsonNet 10 Base 2/T Int. Print Server (C82362*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Ext. Print Server (C82363*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Ext. Print Server (C82364*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx External Print Server (C82378*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Int. Print Server (C82384*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Int―. Print Server 2 (C82391*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11b Wireless Ext. Print Server (C82396*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11b Wireless Ext. Print Server (C82397*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11b Wireless Ext. Print Server (C82398*) | Applicable | Applicable | Workaround | ― |
EPSON Network Image Express (B80836*) |
Applicable | Applicable | Workaround | ― |
EPSON Network Image Express Card (B80839*) | Applicable | Applicable | Workaround | - |
In order for customers to use the product safely and securely, please install and configure it according to the security guidebook.
1. Connecting to the Internet
The product should not be directly connected to the Internet and should be installed in a network protected by a firewall. In that case, please set a private IP address and operate.
2. Administrator password
Set an administrator password for each product.
The administrator password should be a complex string that is difficult for others to guess, such as mixing not only English characters but also symbols and numbers to make it 8 characters or more.
Please check the SECURITY GUIDEBOOK. <- Here is a link to the security guidebook.
1. Blocked by product
For the following products, you can block HTTP access (TCP/80 port) in Web Config.