9.8
CVE-2025-64310
- EPSS 0.41%
- Veröffentlicht 21.11.2025 02:36:35
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerSEIKO EPSON CORPORATION
≫
Produkt
EPSON WebConfig for SEIKO EPSON Projector Products
Version
see the information provided by the vendor
Status
affected
HerstellerSEIKO EPSON CORPORATION
≫
Produkt
Epson Web Control for SEIKO EPSON Projector Products
Version
see the information provided by the vendor
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.328 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| vultures@jpcert.or.jp | 9.3 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| vultures@jpcert.or.jp | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-307 Improper Restriction of Excessive Authentication Attempts
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
https://www.epson.jp/support/misc_t/251120_oshirase.htm
https://jvn.jp/en/vu/JVNVU95021911/
https://www.epson.co.uk/en_GB/faq/KA-02041/contents?loc=en-us