Cross-Site Request Forgeries (CSRF) Vulnerability


Vulnerability Reference: CVE-2023-27520

Description: A vulnerability has been identified in some Epson printers and network interface products in software (Web Config*) that can check the status of the product itself or change settings on a Web browser.

Impact
: By accessing a specially crafted page, the settings of the product itself may be changed through the Web Config of the product.

Currently, there are no reports of attacks exploiting this vulnerability.

Target products and countermeasures

  • Products other than the following are not affected because there are no vulnerabilities or measures have been taken at the time of shipment.

  • For products that are currently on sale, we plan to release countermeasure firmware as follows. After the firmware is released, we strongly recommend that you download it from the Epson website and apply the update.

  • For products that have not been supplied or are not scheduled to be supplied, we strongly recommend that you take measures by "Workaround method".

Epson Firmware Table

Epson Firmware Updates & Workarounds

Product Name Countermeasure Scheduled Release
SureColor T3270 SeriesApply firmwareF/W Ver.: DN012O7
Release: September 23, 2024
SureColor T5270 SeriesApply firmwareF/W Ver.: DM012O7
Release: September 23, 2024
SureColor T7270 SeriesApply firmwareF/W Ver.: DW012O7
Release: September 23, 2024
SureColor T5270D SeriesApply firmwareF/W Ver.: MM012O7
Release: September 23, 2024
SureColor T7270D SeriesApply firmwareF/W Ver.: MW012O7
Release: September 23, 2024
SureColor T5200 SeriesApply firmwareF/W Ver.: DM012O7
Release: September 23, 2024
SureColor T7200 SeriesApply firmwareF/W Ver.: DW012O7
Release: September
SureColor T5200D SeriesApply firmwareF/W Ver.: MM012O7
Release: September 23, 2024
SureColor P5000 SeriesApply firmwareF/W Ver.: N027N2 (MP10.0)
T/I Release: 5 April, 2023
T/I No.: PR23-FWE-0010
SureColor P7000 SeriesApply firmwareF/W Ver.: LN002N6
T/I Release: 10 July 2023
SureColor P9000 SeriesApply firmwareF/W Ver.: LW002N6
T/I Release: 10 July 2023
SureColor P6000 SeriesApply firmwareF/W Ver.: NN002N6
T/I Release: 10 July 2023
SureColor P8000 SeriesApply firmwareF/W Ver.: NW002N6
T/I Release: 10 July 2023
SureColor P20000 SeriesApply firmwareF/W Ver.: FW002L2
Release: February 19, 2021
SureColor S80600 SeriesApply firmwareF/W Ver.: SA011MB(MP18.1)
T/I Release: 31 March, 2023
T/I No.: PR22-FWE-1967
SureColor S60600 SeriesApply firmwareF/W Ver.: HA027K2(MP16.2)
T/I Release: 31 March, 2023
T/I No.: PR22-FWE-1968
SureColor S40600 SeriesApply firmwareF/W Ver.: BA027K2(MP16.2)
T/I Release: 30 March, 2023
T/I No.: PR22-FWE-1963
SureColor S60600L SeriesApply firmwareF/W Ver.: HC001LA(MP5.1)
T/I Release: 31 March, 2023
T/I No.: PR22-FWE-1970
SureColor S80600L SeriesApply firmwareF/W Ver.: SC024M3(MP6.2)
T/I Release: 31 March, 2023
T/I No.: PR22-FWE-1969
SureColor F7200 SeriesApply firmwareF/W Ver.: CO011LA(MP9.1)
T/I Release: 31 March, 2023
T/I No.: PR22-FWE-1972
SureColor F6370Apply firmwareF/W Ver,: PR026KBb
Release: September 16, 2022
SureColor F9470Apply firmwareF/W Ver.: MT026L5(MP3.1)
T/I Release: 31 March, 2023
T/I No.: PR22-FWE-1971
SureColor F9470HApply firmwareF/W Ver.: MU026L5(MP3.1)
T/I Release: 31 March, 2023
T/I No.: PR22-FWE-1971
SureColor F2100 SeriesApply firmwareF/W Ver.:
TM-C7500Apply firmwareF/W Ver.: WAI34400
T/I Release: 27 March, 2023
T/I No.: TIE06224A
TM-C3500Apply firmwareF/W Ver.: WAM32500
T/I Release: 27 March, 2023
T/I No.: TIE06222A
TM-C3400Workaround Below 
TM-C610Workaround Below 
PX-B510Workaround Below 
PX-B500Workaround Below 
Stylus Pro 3800Workaround Below 
Stylus Pro 3880Workaround Below 
Stylus Photo R3000Workaround Below 
Stylus Photo R2000Workaround Below 
SureColor P400 SeriesWorkaround Below 
SureColor P600 SeriesWorkaround Below 
SureColor P800 SeriesWorkaround Below 
Stylus Pro 4880Workaround Below 
Stylus Pro 7880Workaround Below 
Stylus Pro 9880Workaround Below 
Stylus Pro 11880Workaround Below 
Stylus Pro WT7900Workaround Below 
Stylus Pro 7700Workaround Below 
Stylus Pro 7710Workaround Below 
Stylus Pro 9700Workaround Below 
Stylus Pro 4900Workaround Below 
Stylus Pro 7890Workaround Below 
Stylus Pro 7900Workaround Below 
Stylus Pro 9890Workaround Below 
Stylus Pro 9900Workaround Below 
SureColor T3000 SeriesWorkaround Below 
SureColor T5000 SeriesWorkaround Below 
SureColor T7000 SeriesWorkaround Below 
SureColor P10000 SeriesWorkaround Below 
SureColor S30600 SeriesWorkaround Below 
SureColor S50600 SeriesWorkaround Below 
SureColor S70600 SeriesWorkaround Below 
SureColor F6200 SeriesWorkaround Below 
SureColor F9200 SeriesWorkaround Below 
SureColor F2000 SeriesWorkaround Below 
SureColor F6070Workaround Below 
SureColor F7070Workaround Below 
SureColor F7170Workaround Below 
SureColor F6200Workaround Below 
SureColor F9200Workaround Below 
SureColor F9370Workaround Below 
EpsonNet 10/100 Base TX USB Print Server (C82402*)Workaround Below 
EpsonNet 10/100 Base TX USB Print Server (C82403*)Workaround Below 
EpsonNet 10/100 Base Tx High Speed Int.Print Server (C82405*)Workaround Below 
EpsonNet 802.11g wireless Ext. Print Server (C82422*)Workaround Below 
EpsonNet 10/100 Base Tx Int. Print Server 5 (C82434*)Workaround Below 
EpsonNet 10/100 Base Tx Int. Print Server 5e (C82435*)Workaround Below 
EpsonNet 802.11b/g Wireless and 10/100 Base Tx Ext. Print Server (C82437*)Workaround Below 
EpsonNet Authentication Print (C82440*)Workaround Below 
EpsonNet 10 Base 2/T Int. Print Server (C82362*)Workaround Below 
EpsonNet 10/100 Base Tx Ext. Print Server (C82363*)Workaround Below 
EpsonNet 10/100 Base Tx Ext. Print Server (C82364*)Workaround Below 
EpsonNet 10/100 Base Tx External Print Server (C82378*)Workaround Below 
EpsonNet 10/100 Base Tx Int. Print Server (C82384*)Workaround Below 
EpsonNet 10/100 Base Tx Int. Print Server 2 (C82391*)Workaround Below 
EpsonNet 802.11b Wireless Ext. Print Server (C82396*)Workaround Below 
EpsonNet 802.11b Wireless Ext. Print Server (C82397*)Workaround Below 
EpsonNet 802.11b Wireless Ext. Print Server (C82398*)Workaround Below 
EPSON Network Image Express (B80836*)Workaround Below 
EPSON Network Image Express Card (B80839*)Workaround Below 



Workaround Method

In order for customers to use the product safely and securely, please install and configure it according to the security guidebook here.

  • Installation according to the security guidebook
     
    1. Connecting to the internet

      The product should not be directly connected to the Internet and should be installed in a network protected by a firewall.

      In that case, please set a private IP address and operate.
       
    2. Administrator Password

      Set an administrator password for each product.

      The administrator password should be a complex string that is difficult for others to guess, such as mixing not only English characters but also symbols and numbers to make it 8 characters or more.
       
  • Stronger workaround - Block HTTP (TCP/80 port) access to the product

    1. Blocked by product

      For the following products, you can block HTTP access (TCP/80 port) in Web Config*.
       
      • Commercial and Industrial Printers

        SureColor T5200 Series, SureColor T7200 Series, and SureColor T5200D Series
         
    2. Shut off network equipment in the installation environment

      After configuring the product, block HTTP access (TCP/80 port) to the product with a network device (router or switch).

      Open the port only when you need to update the application settings or firmware.

*Due to blockage, the functions in Web Config may not be available.

Al descargar archivos de esta página, acepta que va a cumplir con los términos y condiciones del Acuerdo de licencia del software de Epson.