A flaw in the web interface of numerous printers, scanners and network interface products from Seiko-Epson lets attackers take control of the devices. IT managers should apply the workaround on affected devices without delay.
Epson warns of the vulnerability in a security advisory. It affects the web interface of the vulnerable devices, which is used to view device status and change settings; on some devices this interface is called "Remote Manager", the company notes. If no administrator password has been set, so that the password is empty, attackers can log in and assign a password of their own. That gives them control of the device and allows them to operate it remotely (CVE-2024-47295, CVSS 8.1, risk "high").
Epson devices: Workaround available
When the web interface of an affected device is opened for the first time, it normally prompts for an administrator password to be set. As a countermeasure, the manufacturer recommends that IT managers open the web interface of each vulnerable device and set the administrator password there themselves, so that attackers do not get the chance to do it before them.
If you have the web browser translate Epson's notice into German or English, for example, you will find an extensive list of vulnerable devices. It ranges from inkjet, laser, dot matrix and large format printers to receipt printers and scanners and on to network interface products. Products not on the list are not affected because they ship with an administrator password assigned at the factory.
Epson also gives further security advice: the devices should not be connected directly to the Internet but operated in a network protected by a firewall, and the administrator password chosen should meet a certain level of complexity.
Security vulnerabilities are not found only in the printers themselves; print servers such as the CUPS system also struggle with them from time to time. On Friday last week, an IT security researcher disclosed several critical vulnerabilities in CUPS. These can be closed with the software updates that are available.
(dmk)