Vulnerability Reference: CVE-2018-5550
Release Date: January 19, 2018
Description: Epson has become aware of a vulnerability related to Epson’s web configuration page for AirPrint in certain Epson printer products.
Impact: This vulnerability may compromise the security of the printer’s web browser through the injection of malicious code or scripts.
Solution: Epson periodically provides firmware updates to address issues of security, performance, minor bug fixes, and to ensure your printer functions as designed. To update your printer’s firmware, run the Epson Software Updater utility and follow the step-by-step instructions. If your printer’s firmware isn't yet available (see schedule below), this utility will automatically notify you when it becomes available. Please visit our Updating your Printer's Firmware Using Epson Software Updater page for additional information.
If you haven’t already installed the Epson Software Updater utility, you can download it here.
In the meantime, and as a general rule to help secure all devices, end-users and their administrators should always implement and maintain industry-standard security controls and practices in setting up and managing their networks. Those practices include immediately replacing default passwords with strong passwords, use of up to date antivirus/malware protection, utilizing the strongest possible wireless encryption protocol and enabling appropriate firewall rules. Additionally, Epson always recommends that end users routinely check for software and firmware updates and keep their products updated to the latest software and firmware to achieve the best possible performance from their products.