CVE-2020-5681
First published: Thu Dec 24 2020(Updated: )
Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Epson Epsonnet Setupmanager | <2.2.15 | |
| Epson Offirio Synergyware Printdirector | <1.6.1.1\/1.6.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2020-5681.
What is the severity of CVE-2020-5681?
The severity of CVE-2020-5681 is critical with a severity value of 7.8.
Which software versions are affected by CVE-2020-5681?
The affected software versions are EpsonNet SetupManager versions up to 2.2.14 and Offirio SynergyWare PrintDirector versions up to 1.6.1.1/1.6.1.2.
How does CVE-2020-5681 work?
CVE-2020-5681 allows an attacker to gain privileges by exploiting an untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager and Offirio SynergyWare PrintDirector.
Is there a fix for CVE-2020-5681?
Yes, apply the latest security updates provided by Epson to fix CVE-2020-5681.