Vulnerability Reference: JVNVU#91363496
Issued: July 15, 2025
Thank you for your continued use of Epson products.
A vulnerability has been identified in certain printers, scanners, and network interface products that allows administrator login if the product's serial number is obtained via SNMP.
- Identified Vulnerability
- Impact of the Vulnerability
- Affected Products
      - Inkjet Printers
- Large-format Printers
- Dot Matrix Printers
- Receipt Printers
- Scanners
- Commercial Photo and Print Systems
 
- Workaround
- Installation location and Configuration According to the Security Guidebook
- Administrator password
 Set a unique administrator password for each product. Use a complex password that includes letters, symbols, and numbers, and is at least 8 characters long to prevent guessing. 
- Internet Connection
 Do not connect the product directly to the internet, Locate the product within a network protected by a firewall, and use a private IP address for operation. 
Some printers, scanners, and network interface products use the serial number as the default administrator password. If a malicious third party obtains the serial number via SNMP using tools on the same network, and the password has not been changed from its default value, they may be able to log in as an administrator. This could result in unauthorized control and operation of the device.
As of now, there have been no confirmed reports of attacks exploiting this vulnerability.
Products not listed above are not affected by this vulnerability.
To ensure safe and secure use of our products, please follow the installation and configuration guidelines outlined in Chapter 3 of the Security Guidebook.
You can check the Security Guidebook.