Epson iProjection Software Driver Vulnerability

 

Vulnerability Reference: CVE-2020-9014

Release Date: 05/04/2022

Description:
 In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) may allow local users to cause a denial of service (BSOD) via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A.

Impact: Successful exploitation of this vulnerability can cause a denial of service attack resulting in the computer crashing.

Solution: To ensure the security of your Epson product, please download and install the latest version of Epson iProjection for your product by using the link below. In the meantime, and as a general rule to help secure all devices, end-users and their administrators should always implement and maintain industry-standard security controls and practices in setting up and managing their networks. Those practices include immediately replacing default passwords with strong passwords, connecting projectors behind a firewall and keeping all software and firmware up-to-date.

This version of Epson iProjection is compatible with Windows 11, Windows 10 32/64-bit, Windows 8.1 32/64-bit

Affected Models Affected Epson iProjection Versions New Epson iProjection Version Download
All projector models using Epson iProjection 2.30 and below 4.01 DOWNLOAD

 

By downloading files from this page, you are agreeing to abide by the terms and conditions of Epson's Software License Agreement.