← back
CVE-2026-23767

CVE-2026-23767

CVSS 9.8 CRITICALEPSS 0.4%CWE-306
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Seiko Epson Corporation · ESC/POS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://download4.epson.biz/sec_pubs/bs/pdf/IP_Filtering_Guide_en_revA.pdfhttps://jvn.jp/en/ta/JVNTA97995322/https://www.epson.jp/support/misc_t/260305_oshirase.htm