Vulnerability Description
Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Epson | Epsonnet Setupmanager | < 2.2.15 |
| Epson | Offirio Synergyware Printdirector | < 1.6.1.1\/1.6.1.2 |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN94244575/index.htmlThird Party Advisory
- https://www.epson.jp/support/misc_t/201217_oshirase.htmVendor Advisory
- https://jvn.jp/en/jp/JVN94244575/index.htmlThird Party Advisory
- https://www.epson.jp/support/misc_t/201217_oshirase.htmVendor Advisory
FAQ
What is CVE-2020-5681?
CVE-2020-5681 is a vulnerability with a CVSS score of 7.8 (HIGH). Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows a...
How severe is CVE-2020-5681?
CVE-2020-5681 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5681?
Check the references section above for vendor advisories and patch information. Affected products include: Epson Epsonnet Setupmanager, Epson Offirio Synergyware Printdirector.