CVE-2020-5674

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CVSS v3 7.8 HIGH
CVSS v2.0 4.4 MEDIUM

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://jvn.jp/en/jp/JVN26835001/index.html	Third Party Advisory
https://www.epson.jp/support/misc_t/201119_oshirase.htm	Vendor Advisory
https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf	Vendor Advisory
https://jvn.jp/en/jp/JVN26835001/index.html	Third Party Advisory
https://www.epson.jp/support/misc_t/201119_oshirase.htm	Vendor Advisory
https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:epson:album_print:-:::::update_program::
	cpe:2.3:a:epson:color_calibration_utility:-:::::::*
	cpe:2.3:a:epson:colorbase:-:::::::*
	cpe:2.3:a:epson:colorio_easy_print:-:::::::*
	cpe:2.3:a:epson:connect:-:::::::*
	cpe:2.3:a:epson:creativity_suite:-:::::::*
	cpe:2.3:a:epson:e-photo:-:::::camera_raw::
	cpe:2.3:a:epson:e-photo:-:::::picture_motion_browser::
	cpe:2.3:a:epson:easy_photo_print:-:::::-::
	cpe:2.3:a:epson:easy_photo_print:-:::::camera_raw::
	cpe:2.3:a:epson:easy_settings:-:::::office::
	cpe:2.3:a:epson:imaging_workshop:-:::::::*
	cpe:2.3:a:epson:link2:-:::::::*
	cpe:2.3:a:epson:multi-print_quicker:-:::::windows::
	cpe:2.3:a:epson:net_config:-:::::::*
	cpe:2.3:a:epson:net_config_se:-:::::::*
	cpe:2.3:a:epson:net_print:-:::::::*
	cpe:2.3:a:epson:net_software_development_kit:-:::::::*
	cpe:2.3:a:epson:photolier:-:::::::*
	cpe:2.3:a:epson:photoquicker:-:::::::*
	cpe:2.3:a:epson:photostarter:3.1:::::::*
	cpe:2.3:a:epson:pm-t990_integrated_installer:-:::::windows::
	cpe:2.3:a:epson:print:-:::::playmemories_home::
	cpe:2.3:a:epson:print:-:::::silkypix::
	cpe:2.3:a:epson:print:-:::::viewnx::
	cpe:2.3:a:epson:print_image_framer_tool:-:::::::*
	cpe:2.3:a:epson:print_layout:-:::::photoshop::
	cpe:2.3:a:epson:prolab_print:-:::::::*
	cpe:2.3:a:epson:prolab_print:-:::::camera_raw::
	cpe:2.3:a:epson:remote_printer_driver:-:::::::*
	cpe:2.3:a:epson:scan_icm_updater:-:::::::*
	cpe:2.3:a:epson:scanner_driver:-:::::::*
	cpe:2.3:a:epson:web_to_page:-:::::::*
	cpe:2.3:a:epson:webconfig:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:a:epson:universal_print_driver:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows:-::::::x64:
	cpe:2.3:o:microsoft:windows:-::::::x86:

Configuration 3 (hide)

AND

OR	cpe:2.3:a:epson:status_monitor_2:-:::::::*
	cpe:2.3:a:epson:status_monitor_3:-:::::::*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:epson:ec-01_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:ec-01:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:a:epson:print_image_framer_tool:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_98:-:::::::*
	cpe:2.3:o:microsoft:windows_me:-:::::::*

History

21 Nov 2024, 05:34

Type	Values Removed	Values Added
References	~~() https://jvn.jp/en/jp/JVN26835001/index.html - Third Party Advisory~~	() https://jvn.jp/en/jp/JVN26835001/index.html - Third Party Advisory
References	~~() https://www.epson.jp/support/misc_t/201119_oshirase.htm - Vendor Advisory~~	() https://www.epson.jp/support/misc_t/201119_oshirase.htm - Vendor Advisory
References	~~() https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf - Vendor Advisory~~	() https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf - Vendor Advisory

Information

Published : 2020-11-24 07:15

Updated : 2024-11-21 05:34

NVD link : CVE-2020-5674

Mitre link : CVE-2020-5674

CVE.ORG link : CVE-2020-5674

JSON object : View

Products Affected

epson

easy_settings
print_image_framer_tool
photolier
color_calibration_utility
ec-01
colorio_easy_print
net_config_se
colorbase
web_to_page
prolab_print
connect
print_layout
scanner_driver
net_print
photoquicker
webconfig
album_print
creativity_suite
multi-print_quicker
net_software_development_kit
status_monitor_2
easy_photo_print
link2
remote_printer_driver
net_config
imaging_workshop
ec-01_firmware
pm-t990_integrated_installer
universal_print_driver
status_monitor_3
scan_icm_updater
e-photo
print
photostarter

microsoft

windows
windows_me
windows_98

CWE

CWE-427

Uncontrolled Search Path Element

{"id": "CVE-2020-5674", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-11-24T07:15:11.937", "references": [{"url": "https://jvn.jp/en/jp/JVN26835001/index.html", "tags": ["Third Party Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://www.epson.jp/support/misc_t/201119_oshirase.htm", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://jvn.jp/en/jp/JVN26835001/index.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.epson.jp/support/misc_t/201119_oshirase.htm", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.epson.jp/support/pdf/fy20-001_softwareList_20201106_b.pdf", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."}, {"lang": "es", "value": "Una vulnerabilidad de ruta de b\u00fasqueda no confiable en los instaladores de m\u00faltiples productos SEIKO EPSON, permite a un atacante alcanzar privilegios por medio de una DLL de tipo caballo de Troya en un directorio no especificado"}], "lastModified": "2024-11-21T05:34:27.477", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:epson:album_print:-:*:*:*:*:update_program:*:*", "vulnerable": true, "matchCriteriaId": "48F91F47-D4DB-43A9-85FC-98A52D4656D6"}, {"criteria": "cpe:2.3:a:epson:color_calibration_utility:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94EE867A-EE2E-469B-875F-B2E11F6508F9"}, {"criteria": "cpe:2.3:a:epson:colorbase:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAEFA568-7007-466B-8746-B8AC1B2E74AF"}, {"criteria": "cpe:2.3:a:epson:colorio_easy_print:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "805121F0-EE95-411B-9D8F-217DE202DB4C"}, {"criteria": "cpe:2.3:a:epson:connect:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB25B1B2-6766-4FF5-BA83-AF4579DE905F"}, {"criteria": "cpe:2.3:a:epson:creativity_suite:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41CB4CD9-7A73-4EB5-A22B-EE46C2315732"}, {"criteria": "cpe:2.3:a:epson:e-photo:-:*:*:*:*:camera_raw:*:*", "vulnerable": true, "matchCriteriaId": "37FF3D98-82FB-4E87-BB64-371D64811C83"}, {"criteria": "cpe:2.3:a:epson:e-photo:-:*:*:*:*:picture_motion_browser:*:*", "vulnerable": true, "matchCriteriaId": "893E9653-D468-4BF5-9F32-E7CAF9C655AF"}, {"criteria": "cpe:2.3:a:epson:easy_photo_print:-:*:*:*:*:-:*:*", "vulnerable": true, "matchCriteriaId": "D0FCC3A3-9E02-4CAA-A8B8-B7CA0084D672"}, {"criteria": "cpe:2.3:a:epson:easy_photo_print:-:*:*:*:*:camera_raw:*:*", "vulnerable": true, "matchCriteriaId": "1287AFA1-D572-469D-852C-F2C39798EEB4"}, {"criteria": "cpe:2.3:a:epson:easy_settings:-:*:*:*:*:office:*:*", "vulnerable": true, "matchCriteriaId": "3914291A-AF9C-4B97-AF99-FF9BC47961B8"}, {"criteria": "cpe:2.3:a:epson:imaging_workshop:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "757A2598-DFFB-42CC-AF5B-74B54F73FC15"}, {"criteria": "cpe:2.3:a:epson:link2:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D953E72-77C9-4AD2-9499-03511311E2DE"}, {"criteria": "cpe:2.3:a:epson:multi-print_quicker:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "68D2A328-0A73-4071-B39A-EC70C43FB03B"}, {"criteria": "cpe:2.3:a:epson:net_config:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B9942B4-5EE6-46E3-B9A7-4DAB9DEC868D"}, {"criteria": "cpe:2.3:a:epson:net_config_se:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9148DA8-7E6C-4B68-B0BF-6C30E6AA2E03"}, {"criteria": "cpe:2.3:a:epson:net_print:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAFEB911-0397-4598-9125-83B42DF82300"}, {"criteria": "cpe:2.3:a:epson:net_software_development_kit:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C0A183B-3EAB-4CB1-A92C-29814E884FFB"}, {"criteria": "cpe:2.3:a:epson:photolier:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEAD9BB8-5FC8-4A6E-BA04-0376D2B3829D"}, {"criteria": "cpe:2.3:a:epson:photoquicker:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22864077-BA06-48E7-92C4-804C07540D81"}, {"criteria": "cpe:2.3:a:epson:photostarter:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21AF90FB-DC56-4D6D-9B3A-3BD9831B71E6"}, {"criteria": "cpe:2.3:a:epson:pm-t990_integrated_installer:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "3FAED136-5494-4BAC-86C2-FD78BAAB99C3"}, {"criteria": "cpe:2.3:a:epson:print:-:*:*:*:*:playmemories_home:*:*", "vulnerable": true, "matchCriteriaId": "5D975A2B-4A9A-4112-804E-572258A950E7"}, {"criteria": "cpe:2.3:a:epson:print:-:*:*:*:*:silkypix:*:*", "vulnerable": true, "matchCriteriaId": "6ACD4EF0-3737-40D3-9241-62F62A42C210"}, {"criteria": "cpe:2.3:a:epson:print:-:*:*:*:*:viewnx:*:*", "vulnerable": true, "matchCriteriaId": "7C1D5774-AB44-4FBE-BE76-A1163E2FE229"}, {"criteria": "cpe:2.3:a:epson:print_image_framer_tool:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7DDCC-139F-49DA-B934-E516ABEC39B2"}, {"criteria": "cpe:2.3:a:epson:print_layout:-:*:*:*:*:photoshop:*:*", "vulnerable": true, "matchCriteriaId": "E239E07B-97BE-497E-8E23-E7360597CF15"}, {"criteria": "cpe:2.3:a:epson:prolab_print:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12C98ECC-AD46-4FA6-8EE5-3D8D40513095"}, {"criteria": "cpe:2.3:a:epson:prolab_print:-:*:*:*:*:camera_raw:*:*", "vulnerable": true, "matchCriteriaId": "3FAA6D17-1E9A-4A03-8180-1E3F4C9DB3CD"}, {"criteria": "cpe:2.3:a:epson:remote_printer_driver:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9D6E33D-8034-4D1F-96EF-F77D5263DAA3"}, {"criteria": "cpe:2.3:a:epson:scan_icm_updater:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C67751C5-8A62-4EC1-84B3-0F6D8F7168B2"}, {"criteria": "cpe:2.3:a:epson:scanner_driver:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21033145-DAB6-479E-972E-D4E06F043D81"}, {"criteria": "cpe:2.3:a:epson:web_to_page:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C039FA52-ACEA-4173-9DA5-A79E824D164C"}, {"criteria": "cpe:2.3:a:epson:webconfig:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "621D2404-C063-4DEC-BD2D-65B01B4BC74A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:epson:universal_print_driver:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D9EFF20-1E2F-45C9-8395-3D8CF1067357"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*", "vulnerable": false, "matchCriteriaId": "82132539-3C34-4B63-BE2A-F51077D8BC5A"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*", "vulnerable": false, "matchCriteriaId": "60366048-32FE-4081-A852-04319FD7A52C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:epson:status_monitor_2:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52E77D28-30B0-459E-B121-5D6D381CFB44"}, {"criteria": "cpe:2.3:a:epson:status_monitor_3:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0852ABB9-5632-471A-BE1B-A0DBF08DF706"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:epson:ec-01_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "638E1D59-4F3E-4D51-B9D8-02A438B028B3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:epson:ec-01:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A73DE5CB-AFB3-4622-8F87-4842858B8A41"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:epson:print_image_framer_tool:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7DDCC-139F-49DA-B934-E516ABEC39B2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "40FC681A-7B85-4495-8DCC-C459FE7E2F13"}, {"criteria": "cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E44D629-D3EB-4F67-BF67-B25910453562"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vultures@jpcert.or.jp"}

7.8 /10