Seiko-Epson printer driver enables privilege escalation to SYSTEM
The Windows printer drivers for Seiko-Epson printers contain a high-risk vulnerability that allows attackers to escalate their privileges.
Seiko-Epson's Windows printer drivers have a vulnerability that allows attackers to escalate their privileges to SYSTEM level. Updated software is available to patch the underlying vulnerability.
In a security advisory, Epson explains that the problem affects the Windows drivers on non-English-speaking systems in particular. Changing the language to anything other than English is enough to make a system vulnerable. Some DLL files managed by the printer driver can then be overwritten, which gives an attacker full access rights (CVE-2025-42598, CVSS 8.4, risk “high”).
User interaction required for misuse
In the CVE vulnerability description, the authors state that users could be tricked into copying a manipulated DLL file to a location in the file system suggested by attackers. The malicious actors can then execute arbitrary code with SYSTEM privileges on Windows systems where the Seiko-Epson printer driver is installed.
Epson provides a program called “Epson Printer Driver Security Support Tool” for download. It can also be obtained through the “Epson Software Updater”. Installing the tool should close the security hole.
The drivers for all Windows versions since Windows XP are affected. Epson lists Windows XP/XP Professional x64 Edition, Vista/Vista x64 Edition, 7/7 x64, 8/8 x64, 8.1/8.1 x64, 10/10 x64, 11 x64 as well as Windows Server 2003, 2008, 2016, 2019, 2022 and 2025 and thus many old systems for which Microsoft itself no longer offers support.
Around six months ago, a security vulnerability was discovered in the web interface of numerous printers, scanners, and network interface products from Seiko-Epson. Attackers were able to take control of the devices as a result. The flaw was almost trivial: no admin password was assigned, so anyone on the network could have set one. As a countermeasure, the manufacturer recommends that IT managers assign an admin password themselves.
(dmk)