CVE-2020-5674

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CVSS v3.0 7.8 HIGH
CVSS v2.0 4.4 MEDIUM

7.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf	Vendor Advisory
https://www.epson.jp/support/misc_t/201119_oshirase.htm	Vendor Advisory
https://jvn.jp/en/jp/JVN26835001/index.html	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:epson:album_print:-:::::update_program::
	cpe:2.3:a:epson:color_calibration_utility:-:::::::*
	cpe:2.3:a:epson:colorbase:-:::::::*
	cpe:2.3:a:epson:colorio_easy_print:-:::::::*
	cpe:2.3:a:epson:connect:-:::::::*
	cpe:2.3:a:epson:creativity_suite:-:::::::*
	cpe:2.3:a:epson:e-photo:-:::::camera_raw::
	cpe:2.3:a:epson:e-photo:-:::::picture_motion_browser::
	cpe:2.3:a:epson:easy_photo_print:-:::::-::
	cpe:2.3:a:epson:easy_photo_print:-:::::camera_raw::
	cpe:2.3:a:epson:easy_settings:-:::::office::
	cpe:2.3:a:epson:remote_printer_driver:-:::::::*
	cpe:2.3:a:epson:scanner_driver:-:::::::*
	cpe:2.3:a:epson:net_software_development_kit:-:::::::*
	cpe:2.3:a:epson:net_print:-:::::::*
	cpe:2.3:a:epson:net_config_se:-:::::::*
	cpe:2.3:a:epson:net_config:-:::::::*
	cpe:2.3:a:epson:scan_icm_updater:-:::::::*
	cpe:2.3:a:epson:prolab_print:-:::::camera_raw::
	cpe:2.3:a:epson:imaging_workshop:-:::::::*
	cpe:2.3:a:epson:web_to_page:-:::::::*
	cpe:2.3:a:epson:prolab_print:-:::::::*
	cpe:2.3:a:epson:print:-:::::silkypix::
	cpe:2.3:a:epson:print:-:::::playmemories_home::
	cpe:2.3:a:epson:print_layout:-:::::photoshop::
	cpe:2.3:a:epson:print_image_framer_tool:-:::::::*
	cpe:2.3:a:epson:photostarter:3.1:::::::*
	cpe:2.3:a:epson:photoquicker:-:::::::*
	cpe:2.3:a:epson:photolier:-:::::::*
	cpe:2.3:a:epson:multi-print_quicker:-:::::windows::
	cpe:2.3:a:epson:link2:-:::::::*
	cpe:2.3:a:epson:pm-t990_integrated_installer:-:::::windows::
	cpe:2.3:a:epson:print:-:::::viewnx::
	cpe:2.3:a:epson:webconfig:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:a:epson:universal_print_driver:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows:-::::::x64:
	cpe:2.3:o:microsoft:windows:-::::::x86:

Configuration 3 (hide)

AND

OR	cpe:2.3:a:epson:status_monitor_2:-:::::::*
	cpe:2.3:a:epson:status_monitor_3:-:::::::*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:epson:ec-01_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:ec-01:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:a:epson:print_image_framer_tool:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_98:-:::::::*
	cpe:2.3:o:microsoft:windows_me:-:::::::*

Information

Published : 2020-11-23 23:15

Updated : 2021-07-21 04:39

NVD link : CVE-2020-5674

Mitre link : CVE-2020-5674

JSON object : View

CWE

CWE-427

Uncontrolled Search Path Element

Products Affected

epson

colorio_easy_print
net_software_development_kit
net_config
easy_photo_print
webconfig
imaging_workshop
scan_icm_updater
photoquicker
status_monitor_3
connect
print_layout
easy_settings
creativity_suite
e-photo
photolier
album_print
net_print
color_calibration_utility
pm-t990_integrated_installer
status_monitor_2
ec-01_firmware
link2
remote_printer_driver
print_image_framer_tool
photostarter
multi-print_quicker
universal_print_driver
scanner_driver
colorbase
prolab_print
net_config_se
print
web_to_page
ec-01

microsoft

windows_98
windows
windows_me

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf", "name": "https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://www.epson.jp/support/misc_t/201119_oshirase.htm", "name": "https://www.epson.jp/support/misc_t/201119_oshirase.htm", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://jvn.jp/en/jp/JVN26835001/index.html", "name": "https://jvn.jp/en/jp/JVN26835001/index.html", "tags": ["Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-427"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-5674", "ASSIGNER": "vultures@jpcert.or.jp"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}}, "publishedDate": "2020-11-24T07:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:epson:album_print:-:*:*:*:*:update_program:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:color_calibration_utility:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:colorbase:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:colorio_easy_print:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:connect:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:creativity_suite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:e-photo:-:*:*:*:*:camera_raw:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:e-photo:-:*:*:*:*:picture_motion_browser:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:easy_photo_print:-:*:*:*:*:-:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:easy_photo_print:-:*:*:*:*:camera_raw:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:easy_settings:-:*:*:*:*:office:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:remote_printer_driver:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:scanner_driver:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:net_software_development_kit:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:net_print:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:net_config_se:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:net_config:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:scan_icm_updater:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:prolab_print:-:*:*:*:*:camera_raw:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:imaging_workshop:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:web_to_page:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:prolab_print:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:print:-:*:*:*:*:silkypix:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:print:-:*:*:*:*:playmemories_home:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:print_layout:-:*:*:*:*:photoshop:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:print_image_framer_tool:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:photostarter:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:photoquicker:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:photolier:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:multi-print_quicker:-:*:*:*:*:windows:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:link2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:pm-t990_integrated_installer:-:*:*:*:*:windows:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:print:-:*:*:*:*:viewnx:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:webconfig:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:epson:universal_print_driver:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:epson:status_monitor_2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:epson:status_monitor_3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:epson:ec-01_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:epson:ec-01:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:epson:print_image_framer_tool:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-07-21T11:39Z"}

7.8 /10