ESC/POS commands are sent and received between the printer and the network via the TCP/9100 port.
Note: TCP/9100 is a standard communication path for a network printer to receive print data directly from a host and execute printing.
ESC/POS and TCP/9100 are designed for use in closed networks and do not have pre-defined authentication or encryption mechanisms, leading to the following vulnerabilities.
- No restrictions on sender
Any host in the network to which the printer is connected can send and execute any command to the printer.
- Communications are not encrypted
An attacker within the network to which the printer is connected can exploit the communication content.
Note: The printer drivers of EPSON also use ESC/POS commands to print.
Impact: There are no reports of attacks exploiting this vulnerability until now.
Solution: To ensure the security of your EPSON product, we recommend end-users and their administrators implement and maintain industry-standard security controls and practices when setting up and managing the network to which the product is connected.
Internet Connection
- Do not connect the product directly to the Internet; install it within a network protected by a firewall.
- Please set a private IP address for the product.
For more information on securing your EPSON product, please refer “Security Guidebook for customers using POS Printers”. The security guidebook is available on the following website: Security for Printers and MFPs.
Affected Products:
For more information on securing your EPSON product, please refer to the “Security Guidebook for customers using POS Printers."
TM-H6000V, TM-H6000VI
TM-L100
TM-m10, TM-m30, TM-m30II(-H,-NT,-S, -SL), TM-m30III(C, -H)
TM-m50, TM-m50II(-H)
TM-P20, TM-P80, TM-P20II, TM-P60II, TM-P80II
TM-T20III(L), TM-T20IV(-L, -SP), TM-T20X(-II)
TM-T81III, TM-T82III(L), TM-T82IV(-L), TM-T82X(-II), TM-T83III, TM-T83IV
TM-T88VI(-Hub), TM-T88VII
TM-T100
UB-E04, UB-R04, UB-R05