CVE-2020-37064

Name of the Vulnerable Software and Affected Versions EPSON EasyMP Network Projection version 2.81

Description The software contains a flaw due to an unquoted service path in the EMP NSWLSV service. This could allow local users to potentially execute arbitrary code. An attacker can exploit the unquoted path located at C:Program Files (x86)EPSON ProjectorEasyMP Network Projection V2 to inject malicious code. Successful exploitation may result in the execution of this code with LocalSystem privileges.

Recommendations Update EPSON EasyMP Network Projection to a version that addresses this issue. As a temporary workaround, restrict access to the vulnerable directory C:Program Files (x86)EPSON ProjectorEasyMP Network Projection V2.