Rhino Security Labs

Epson Hard-Coded Credentials Vulnerability
[CVE-2017-12860]

Vulnerability Details

CVSS Rating: 8.5 (high)

CVE-2017-12860

Disclosing Company: Rhino Security Labs

Date: 10/10/2017

Status: Published

Affected software/version:
Epson EasyMP (2.x)

Disclosure

Disclosure Date: 10/10/2017

Vulnerability Description

The Epson "EasyMP" software (tested on version 2.86) is designed to remotely stream a user's computer to supporting projectors. Connections to these devices are authenticated using a unique 4-digit code displayed on-screen, ensuring that only those who can view it are streaming. In addition to this password, each projector (tested on PowerLite Pro G5650W and G6050W) has a hardcoded "backdoor" code (2270), which authenticates to all devices.
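The flaw pattern described above, shown next to a check that accepts only the on-screen code, with a release test that looks for any code accepted regardless of what is displayed. This is an added sketch, not Epson's code and not part of the advisory: the function names and the sample displayed codes are hypothetical, and only the value 2270 comes from the advisory.

```python
import hmac
import secrets

# The only value taken from the advisory; everything else is hypothetical.
HARDCODED_CODE = "2270"

# Constructed sample: codes shown on three different projectors.
SAMPLE_DISPLAYED = ["0413", "8821", "5907"]


def new_session_code() -> str:
    """Generate the per-session 4-digit code shown on screen."""
    return f"{secrets.randbelow(10_000):04d}"


def verify_vulnerable(displayed: str, submitted: str) -> bool:
    """Flawed pattern: a fixed code is accepted alongside the displayed one."""
    return submitted == displayed or submitted == HARDCODED_CODE


def verify_hardened(displayed: str, submitted: str) -> bool:
    """Only the code currently on screen authenticates (constant-time compare)."""
    return hmac.compare_digest(submitted.encode(), displayed.encode())


def universal_codes(verify, displayed_codes) -> set:
    """Release test: return every 4-digit code that is accepted on all
    devices even though each device displays a different code.
    A correct verifier yields an empty set."""
    found = set()
    for n in range(10_000):
        candidate = f"{n:04d}"
        if all(verify(shown, candidate) for shown in displayed_codes):
            found.add(candidate)
    return found


if __name__ == "__main__":
    print("vulnerable:", universal_codes(verify_vulnerable, SAMPLE_DISPLAYED))
    print("hardened:  ", universal_codes(verify_hardened, SAMPLE_DISPLAYED))
```
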

CVSS Metrics

CVSS Rating (version 3.0): 8.5 (High)

Impact Score: 5.9

Exploitability Score: 2.2

Attack Vector: Network

Attack Complexity (AC): High

Privileges Required (PR): None

User Interaction (UI): None

Scope (S): Unchanged

Confidentiality (C): High

Integrity (I): High

Availability (A): High