PT-2026-5583 · Epson · Epson Easymp Network Projection
Roberto Piña
·
Published
2020-02-13
·
Updated
2026-02-01
·
CVE-2020-37064
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
EPSON EasyMP Network Projection version 2.81
Description
The software contains a flaw due to an unquoted service path in the EMP NSWLSV service. This could allow local users to potentially execute arbitrary code. An attacker can exploit the unquoted path located at C:Program Files (x86)EPSON ProjectorEasyMP Network Projection V2 to inject malicious code. Successful exploitation may result in the execution of this code with LocalSystem privileges.
Recommendations
Update EPSON EasyMP Network Projection to a version that addresses this issue. As a temporary workaround, restrict access to the vulnerable directory C:Program Files (x86)EPSON ProjectorEasyMP Network Projection V2.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Epson Easymp Network Projection