CVE-2025-64310

Critical CVSS: 9.3

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack.

Vendor

Product

CWE

CWE-307

Yayın Tarihi

2025-11-21 03:16:10

Güncelleme

2025-12-23 03:15:50

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-307 CRITICAL 2025

Referanslar

https://jvn.jp/en/vu/JVNVU95021911/ https://www.epson.co.uk/en_GB/faq/KA-02041/contents?loc=en-us https://www.epson.jp/support/misc_t/251120_oshirase.htm