CVE-2026-23767

Published: Mar 5, 2026Modified: Mar 9, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.

Affected (24)

Products: Epson: Sb H50 Firmware, Tm H6000v Firmware, Tm L100 Firmware, Tm M10 Firmware, Tm M30 Firmware, Tm M30ii Firmware, Tm M30ii H Firmware, Tm M30ii S Firmware, Tm M30ii Sl Firmware, Tm M30iii Firmware, Tm M30iii H Firmware, Tm M55 Firmware, Tm P20ii Firmware, Tm P80ii Firmware, Tm P20 Firmware, Tm P60ii Firmware, Tm P80 Firmware, Tm T20ii Firmware, Tm T20iii Firmware, Tm T88vi Firmware, Tm T88vi Ihub Firmware, Tm T88vii Firmware, Ub R04 Firmware, Ub E04 Firmware

24 products

Tm T88vi Ihub Firmware

Tm T88vii Firmware

Ub R04 Firmware

Ub E04 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Sb H50 Firmware	All versions

Running on/with	Platform Versions
Epson Sb H50	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm H6000v Firmware	All versions

Running on/with	Platform Versions
Epson Tm H6000v	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm L100 Firmware	All versions

Running on/with	Platform Versions
Epson Tm L100	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M10 Firmware	All versions

Running on/with	Platform Versions
Epson Tm M10	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M30 Firmware	All versions

Running on/with	Platform Versions
Epson Tm M30	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M30ii Firmware	All versions

Running on/with	Platform Versions
Epson Tm M30ii	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M30ii H Firmware	All versions

Running on/with	Platform Versions
Epson Tm M30ii H	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M30ii S Firmware	All versions

Running on/with	Platform Versions
Epson Tm M30ii S	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M30ii Sl Firmware	All versions

Running on/with	Platform Versions
Epson Tm M30ii Sl	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M30iii Firmware	All versions

Running on/with	Platform Versions
Epson Tm M30iii	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M30iii H Firmware	All versions

Running on/with	Platform Versions
Epson Tm M30iii H	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm M55 Firmware	All versions

Running on/with	Platform Versions
Epson Tm M55	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm P20ii Firmware	All versions

Running on/with	Platform Versions
Epson Tm P20ii	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm P80ii Firmware	All versions

Running on/with	Platform Versions
Epson Tm P80ii	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm P20 Firmware	All versions

Running on/with	Platform Versions
Epson Tm P20	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm P60ii Firmware	All versions

Running on/with	Platform Versions
Epson Tm P60ii	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm P80 Firmware	All versions

Running on/with	Platform Versions
Epson Tm P80	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm T20ii Firmware	All versions

Running on/with	Platform Versions
Epson Tm T20ii	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm T20iii Firmware	All versions

Running on/with	Platform Versions
Epson Tm T20iii	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm T88vi Firmware	All versions

Running on/with	Platform Versions
Epson Tm T88vi	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm T88vi Ihub Firmware	All versions

Running on/with	Platform Versions
Epson Tm T88vi Ihub	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Tm T88vii Firmware	All versions

Running on/with	Platform Versions
Epson Tm T88vii	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Ub R04 Firmware	All versions

Running on/with	Platform Versions
Epson Ub R04	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Ub E04 Firmware	All versions

Running on/with	Platform Versions
Epson Ub E04	All versions

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (3)

https://download4.epson.biz/sec_pubs/bs/pdf/IP_Filtering_Guide_en_revA.pdf

Source: vultures@jpcert.or.jp

Product

https://jvn.jp/en/ta/JVNTA97995322/

Source: vultures@jpcert.or.jp

Third Party Advisory

https://www.epson.jp/support/misc_t/260305_oshirase.htm

Source: vultures@jpcert.or.jp

Vendor Advisory

Timeline

No history available yet.