CVE-2025-64310

9.3CRITICAL

Key Information:

Vendor

Seiko Epson Corporation

Status
Epson Webconfig For Seiko Epson Projector Products
Epson Web Control For Seiko Epson Projector Products
Vendor
CVE Published:
21 November 2025

What is CVE-2025-64310?

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack.

Affected Version(s)

Epson Web Control for SEIKO EPSON Projector Products see the information provided by the vendor

EPSON WebConfig for SEIKO EPSON Projector Products see the information provided by the vendor

References

https://www.epson.jp/support/misc_t/251120_oshirase.htm
https://jvn.jp/en/vu/JVNVU95021911/

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-64310 : Authentication Bypass Vulnerability in EPSON WebConfig and Web Control Products