← back
CVE-2025-35970

CVE-2025-35970

CVSS 8.7 HIGHEPSS 0.4%CWE-1391
On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
FUJIFILM Corporation · FRONTIER DX400WSEIKO EPSON · Multiple EPSON product

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://global.fujifilm.com/en/news/hq/697ehttps://jvn.jp/en/vu/JVNVU91363496/https://www.epson.jp/support/misc_t/250807_oshirase.htm