Cross-Site Request Forgery Vulnerability in Epson Expression Home Printers
CVE-2019-20460

8.8HIGH

Key Information:

Vendor: Epson
Vendor: CVE Published:; 7 November 2024

What is CVE-2019-20460?

Epson Expression Home XP255 printers have a security flaw that allows attackers to exploit the lack of anti-CSRF tokens in POST requests. This vulnerability makes it possible for unauthorized actors to initiate actions directly to the printer, potentially resulting in unauthorized print jobs. Attackers can send malicious content, leading to puzzling or alarming user experiences as unauthorized printouts are delivered. Ensuring proper security measures are in place is critical for preventing such vulnerabilities in IoT devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://epson.com/Support/wa00826

https://seclists.org/fulldisclosure/2024/Jul/14

mailing-list

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Nov 7, 2024
Vulnerability Reserved
Feb 17, 2020

JSON

Epson

What is CVE-2019-20460?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.