[Japanese] | |
JVNDB-2025-008145 | |
Epson Web Installer for Mac vulnerable to missing authentication for critical function | |
Overview | |
Epson Web Installer for Mac provided by SEIKO EPSON CORPORATION contains a missing authentication for critical function vulnerability. | |
CVSS Severity (What is CVSS?) | |
CVSS V3 Severity:
Base Metrics 7.8 (High) [Other]
| |
Affected Products | |
| |
SEIKO EPSON CORPORATION | |
A wide range of products are affected. As for the details, refer to the information provided by the developer. | |
Impact | |
If a user is directed to execute a crafted file, arbitrary information may be retrieved and/or altered, or may cause a DoS condition on the Mac system where Epson Web Installer for Mac is runnning. | |
Solution | |
"helper tool" has been fixed by the developer on June 23, 2025. | |
Vendor Information | |
SEIKO EPSON CORPORATION | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2025/07/07 |
Date First Published | 2025/07/08 |
Date Last Updated | 2025/07/08 |