PT-2024-10772 · Epson+1 · Epson Products+1
Edwin Gozeling
+2
·
Published
2024-11-07
·
Updated
2025-04-24
·
CVE-2020-11918
CVSS v3.1
5.4
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Siime Eye version 14.1.00000001.3.330.0.0.3.14
Description
An issue was discovered in Siime Eye where information on all users, including passwords, can be found in cleartext in a backup file created through the web interface. An attacker capable of accessing the web interface can create the backup file.
Recommendations
For Siime Eye version 14.1.00000001.3.330.0.0.3.14, as a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation. Additionally, avoid using the backup feature until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Brother Printers
Epson Products