Patch program for privilege escalation vulnerability of EPSON Network Utility Software

Version Ver.1.0.1.0
Uploaded date 2015/12/02
File size 263KB
Explanation
New release.
1.Note
This is a patch program to fix the vulnerability issue. (Relevant products are listed in [3. Affected Products])

[About the vulnerability issue]
The EPSON Network utility included with some older Epson printers installs a binary with weak permissions, which can allow a low privilege user to escalate their privileges and take control of the system. Successful exploitation of this vulnerability can lead to unauthorized control of the system by a low privilege user.

2.Supported Environment (OS)
Windows 10 (32/64bit)
Windows 8.1 (32/64bit)
Windows 8 (32/64bit)
Windows 7 (32/64bit)
Windows Vista (32/64bit)
Windows XP (32/64bit)
Windows 2000

3.Affected Products
GP-C830,GP-C831,GP-C832,GP-M800,GP-M830,GP-M831,GP-M832,TM-C3400,TM-C3500,TM-C3510,TM-C3520,TM-C7500,TM-C7510,TM-C7520,TM-C7500G,TM-C7510G,TM-C7520G

4.Affected Contents
Printer Driver for TM-C3400 Ver.1.5.0.0 or earlier
Printer Driver for TM-C3500/C3510/C3520 Ver.1.1.0.3 or earlier
TM-C35x0 Compressed data Driver Ver.1.0.0.5 or earlier
TM-C3500 Series Install Navi Ver.1.1.0.1 or earlier
Epson Inkjet Label Printer SDK (TM-C3400, TM-C3400BK, TM-C3500 Series, TM-C7500 Series, TM-C7500G Series) Ver.1.01 or earlier
EPSON Monitoring Tool Ver.1.50 or earlier

By downloading files from this page, you are agreeing to abide by the terms and conditions of Epson's Software License Agreement.

Notes on downloading

IMPORTANT!
BEFORE DOWNLOADING SOFTWARE, DOCUMENT OR OTHER CONTENTS ON THIS WEBSITE (the “Software”), YOU NEED TO REVIEW AND AGREE TO THE TERMS AND CONDITIONS SET FORTH BELOW, AND YOU MUST FOLLOW THE TERMS AND CONDITIONS WHEN YOU USE THE SOFTWARE.

  • Please review and agree to the license agreement, README or other documents that the Software contains carefully before Installing or using the Software.
  • You agree to use the Software only with the corresponding Epson brand products.
  • You acknowledge and agree that the use of the Software is at your sole risk. THE SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY OF ANY KIND. EPSON AND ITS SUPPLIERS DO NOT AND CANNOT WARRANT THE PERFORMANCE OR RESULTS YOU MAY OBTAIN BY USING THE SOFTWARE.
  • You agree not to modify, adapt or translate the Software and further agree not to attempt to reverse engineer, decompile, disassemble or otherwise attempt to discover the source code of the Software.
  • You agree that the Software will not be shipped, transferred or exported into any country or used in any manner prohibited by the applicable export laws, restrictions or regulations.

    • Download

    Patch program for privilege escalation vulnerability of EPSON Network Utility    Ver.1.0.1.0

    File Name:
    ENU_Update.exe
    File size:
    263KB

    Jump to the top