Stack-Based Buffer Overflow in SEIKO EPSON Web Config
CVE-2025-66635

8.6HIGH

Key Information:

Vendor: Seiko Epson Corporation
Status: Web Config
Vendor: CVE Published:; 16 December 2025

🔔 Create Seiko Epson Corporation Vulnerability Alert

What is CVE-2025-66635?

A stack-based buffer overflow vulnerability has been identified in SEIKO EPSON Web Config, which may allow an attacker to execute arbitrary code. This security issue arises when a logged-in user inputs specially crafted data, leading to unauthorized execution of commands. Users are advised to refer to official vendor communications for detailed information on affected versions and mitigation strategies.

Affected Version(s)

Web Config See the information/details provided by the vendor

References

https://www.epson.jp/support/misc_t/251216_oshirase.htm

https://jvn.jp/en/jp/JVN51846148/

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2025
Vulnerability Reserved
Dec 10, 2025

JSON