Epson Security Statement

Please select a security notification below for details:

CVE-2025-6635 – Command Execution Vulnerability in Epson WebConfig

CVE-2025-64310 – Vulnerability in EPSON WebConfig / Epson Web Control for Projector Products

CVE-2025-42598 – Local privilege escalation in Windows OS through installed EPSON printers in non-English environments

CVE-2025-35970 – Initial Epson WebConfig administrator password discoverable via remote SNMP access

CVE-2024-47295 – Insecure initial password configuration in Epson WebConfig

CVE-2023-23572 – Cross-Site Scripting (XSS) vulnerability

CVE-2023-27520 – Cross-Site Request Forgery (CSRF) vulnerability

CVE-2020-6091 – Epson Projector Web Control authentication bypass

CVE-2018-5550 – Cross-Site Scripting vulnerability in Epson Web Configuration for AirPrint

CVE-2017-6443 – Cross-Site Scripting vulnerability in Epson WebConfig for TM Products

CVE-2017-6443 – Cross-Site Scripting vulnerability in Epson WebConfig for Professional Imaging Printers

CVE-2015-6034 – Security and reliability update

9100-13-GEN-002 – General information for Epson products with a secure embedded web server

CVE-2020-9014 – Epson iProjection software driver vulnerability (EMP_NSAU.sys)

CVE-2020-9453 – Epson iProjection software driver vulnerability (EMP_MPAU.sys)

See our Technical Support Fraud Alert to learn about tech support scams and what to do if you've been affected.