CVE-2020-9014
First published: Fri Feb 05 2021(Updated: )
In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A. \Device\EMPNSAUIO and \DosDevices\EMPNSAU are similarly affected.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Epson iProjection | <=2.30 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-9014?
CVE-2020-9014 is a vulnerability in Epson iProjection v2.30 that allows local users to cause a denial of service (BSOD) by exploiting a driver file (EMP_NSAU.sys) with crafted input to the virtual audio device driver.
How can the vulnerability be exploited?
The vulnerability can be exploited by local users sending crafted input to the virtual audio device driver with specific IOCTL values.
What is the severity level of CVE-2020-9014?
The severity level of CVE-2020-9014 is medium with a CVSS score of 5.5.
How can I fix CVE-2020-9014?
To fix CVE-2020-9014, update Epson iProjection to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2020-9014?
More information about CVE-2020-9014 can be found at the following references: [Link1], [Link2], [Link3].
- collector/nvd-index
- agent/description
- agent/event
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/epson
- canonical/epson iprojection
- version/epson iprojection/2.30