CVE-2026-23767 - Vulnerability Details

- Unrestricted ESC/POS Commands Enable Unauthorized Printing

Description

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.

Published: 2026-03-05

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Seiko Epson Corporation

ESC/POS

affected

Version	Status	Constraints
`All products implementing ESC/POS`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:epson:sb-h50_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:sb-h50:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:epson:tm-h6000v_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-h6000v:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:epson:tm-l100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-l100:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:epson:tm-m10_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m10:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:epson:tm-m30_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m30:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:epson:tm-m30ii_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m30ii:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:epson:tm-m30ii-h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m30ii-h:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:epson:tm-m30ii-s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m30ii-s:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:epson:tm-m30ii-sl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m30ii-sl:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:epson:tm-m30iii_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m30iii:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:epson:tm-m30iii-h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m30iii-h:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:epson:tm-m55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-m55:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:epson:tm-p20ii_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-p20ii:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:epson:tm-p80ii_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-p80ii:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:epson:tm-p20_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-p20:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:epson:tm-p60ii_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-p60ii:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:epson:tm-p80_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-p80:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:epson:tm-t20ii_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-t20ii:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:epson:tm-t20iii_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-t20iii:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:epson:tm-t88vi_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-t88vi:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:epson:tm-t88vi-ihub_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-t88vi-ihub:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:epson:tm-t88vii_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:tm-t88vii:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:epson:ub-r04_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:ub-r04:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:epson:ub-e04_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:epson:ub-e04:-:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Epson

Esc Pos

100%

Version	Status	Scheme	Platform
`[0,*]`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0007.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://download4.epson.biz/sec_pubs/bs/pdf/IP_Filtering_Guide_en_revA.pdf
https://jvn.jp/en/ta/JVNTA97995322/
https://www.epson.jp/support/misc_t/260305_oshirase.htm

History

Fri, 17 Apr 2026 13:15:00 +0000

Type	Values Removed	Values Added
Title		Unrestricted ESC/POS Commands Enable Unauthorized Printing

Mon, 09 Mar 2026 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Epson sb-h50 Epson sb-h50 Firmware Epson tm-h6000v Epson tm-h6000v Firmware Epson tm-l100 Epson tm-l100 Firmware Epson tm-m10 Epson tm-m10 Firmware Epson tm-m30 Epson tm-m30 Firmware Epson tm-m30ii Epson tm-m30ii-h Epson tm-m30ii-h Firmware Epson tm-m30ii-s Epson tm-m30ii-s Firmware Epson tm-m30ii-sl Epson tm-m30ii-sl Firmware Epson tm-m30ii Firmware Epson tm-m30iii Epson tm-m30iii-h Epson tm-m30iii-h Firmware Epson tm-m30iii Firmware Epson tm-m55 Epson tm-m55 Firmware Epson tm-p20 Epson tm-p20 Firmware Epson tm-p20ii Epson tm-p20ii Firmware Epson tm-p60ii Epson tm-p60ii Firmware Epson tm-p80 Epson tm-p80 Firmware Epson tm-p80ii Epson tm-p80ii Firmware Epson tm-t20ii Epson tm-t20ii Firmware Epson tm-t20iii Epson tm-t20iii Firmware Epson tm-t88vi Epson tm-t88vi-ihub Epson tm-t88vi-ihub Firmware Epson tm-t88vi Firmware Epson tm-t88vii Epson tm-t88vii Firmware Epson ub-e04 Epson ub-e04 Firmware Epson ub-r04 Epson ub-r04 Firmware
CPEs		cpe:2.3:h:epson:sb-h50:-:::::::* cpe:2.3:h:epson:tm-h6000v:-:::::::* cpe:2.3:h:epson:tm-l100:-:::::::* cpe:2.3:h:epson:tm-m10:-:::::::* cpe:2.3:h:epson:tm-m30:-:::::::* cpe:2.3:h:epson:tm-m30ii-h:-:::::::* cpe:2.3:h:epson:tm-m30ii-s:-:::::::* cpe:2.3:h:epson:tm-m30ii-sl:-:::::::* cpe:2.3:h:epson:tm-m30ii:-:::::::* cpe:2.3:h:epson:tm-m30iii-h:-:::::::* cpe:2.3:h:epson:tm-m30iii:-:::::::* cpe:2.3:h:epson:tm-m55:-:::::::* cpe:2.3:h:epson:tm-p20:-:::::::* cpe:2.3:h:epson:tm-p20ii:-:::::::* cpe:2.3:h:epson:tm-p60ii:-:::::::* cpe:2.3:h:epson:tm-p80:-:::::::* cpe:2.3:h:epson:tm-p80ii:-:::::::* cpe:2.3:h:epson:tm-t20ii:-:::::::* cpe:2.3:h:epson:tm-t20iii:-:::::::* cpe:2.3:h:epson:tm-t88vi-ihub:-:::::::* cpe:2.3:h:epson:tm-t88vi:-:::::::* cpe:2.3:h:epson:tm-t88vii:-:::::::* cpe:2.3:h:epson:ub-e04:-:::::::* cpe:2.3:h:epson:ub-r04:-:::::::* cpe:2.3:o:epson:sb-h50_firmware:-:::::::* cpe:2.3:o:epson:tm-h6000v_firmware:-:::::::* cpe:2.3:o:epson:tm-l100_firmware:-:::::::* cpe:2.3:o:epson:tm-m10_firmware:-:::::::* cpe:2.3:o:epson:tm-m30_firmware:-:::::::* cpe:2.3:o:epson:tm-m30ii-h_firmware:-:::::::* cpe:2.3:o:epson:tm-m30ii-s_firmware:-:::::::* cpe:2.3:o:epson:tm-m30ii-sl_firmware:-:::::::* cpe:2.3:o:epson:tm-m30ii_firmware:-:::::::* cpe:2.3:o:epson:tm-m30iii-h_firmware:-:::::::* cpe:2.3:o:epson:tm-m30iii_firmware:-:::::::* cpe:2.3:o:epson:tm-m55_firmware:-:::::::* cpe:2.3:o:epson:tm-p20_firmware:-:::::::* cpe:2.3:o:epson:tm-p20ii_firmware:-:::::::* cpe:2.3:o:epson:tm-p60ii_firmware:-:::::::* cpe:2.3:o:epson:tm-p80_firmware:-:::::::* cpe:2.3:o:epson:tm-p80ii_firmware:-:::::::* cpe:2.3:o:epson:tm-t20ii_firmware:-:::::::* cpe:2.3:o:epson:tm-t20iii_firmware:-:::::::* cpe:2.3:o:epson:tm-t88vi-ihub_firmware:-:::::::* cpe:2.3:o:epson:tm-t88vi_firmware:-:::::::* cpe:2.3:o:epson:tm-t88vii_firmware:-:::::::* cpe:2.3:o:epson:ub-e04_firmware:-:::::::* cpe:2.3:o:epson:ub-r04_firmware:-:::::::*
Vendors & Products		Epson sb-h50 Epson sb-h50 Firmware Epson tm-h6000v Epson tm-h6000v Firmware Epson tm-l100 Epson tm-l100 Firmware Epson tm-m10 Epson tm-m10 Firmware Epson tm-m30 Epson tm-m30 Firmware Epson tm-m30ii Epson tm-m30ii-h Epson tm-m30ii-h Firmware Epson tm-m30ii-s Epson tm-m30ii-s Firmware Epson tm-m30ii-sl Epson tm-m30ii-sl Firmware Epson tm-m30ii Firmware Epson tm-m30iii Epson tm-m30iii-h Epson tm-m30iii-h Firmware Epson tm-m30iii Firmware Epson tm-m55 Epson tm-m55 Firmware Epson tm-p20 Epson tm-p20 Firmware Epson tm-p20ii Epson tm-p20ii Firmware Epson tm-p60ii Epson tm-p60ii Firmware Epson tm-p80 Epson tm-p80 Firmware Epson tm-p80ii Epson tm-p80ii Firmware Epson tm-t20ii Epson tm-t20ii Firmware Epson tm-t20iii Epson tm-t20iii Firmware Epson tm-t88vi Epson tm-t88vi-ihub Epson tm-t88vi-ihub Firmware Epson tm-t88vi Firmware Epson tm-t88vii Epson tm-t88vii Firmware Epson ub-e04 Epson ub-e04 Firmware Epson ub-r04 Epson ub-r04 Firmware

Fri, 06 Mar 2026 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Epson Epson esc Pos
Vendors & Products		Epson Epson esc Pos

Fri, 06 Mar 2026 11:15:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 05 Mar 2026 06:00:00 +0000

Type	Values Removed	Values Added
Description		ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Weaknesses		CWE-306
References		https://download4.epson.biz/sec_pubs/bs/pdf/IP_Filtering_Guide_en_revA.pdf https://jvn.jp/en/ta/JVNTA97995322/ https://www.epson.jp/support/misc_t/260305_oshirase.htm

Subscriptions

Epson Esc Pos Sb-h50 Sb-h50 Firmware Tm-h6000v Tm-h6000v Firmware Tm-l100 Tm-l100 Firmware Tm-m10 Tm-m10 Firmware Tm-m30 Tm-m30 Firmware Tm-m30ii Tm-m30ii-h Tm-m30ii-h Firmware Tm-m30ii-s Tm-m30ii-s Firmware Tm-m30ii-sl Tm-m30ii-sl Firmware Tm-m30ii Firmware Tm-m30iii Tm-m30iii-h Tm-m30iii-h Firmware Tm-m30iii Firmware Tm-m55 Tm-m55 Firmware Tm-p20 Tm-p20 Firmware Tm-p20ii Tm-p20ii Firmware Tm-p60ii Tm-p60ii Firmware Tm-p80 Tm-p80 Firmware Tm-p80ii Tm-p80ii Firmware Tm-t20ii Tm-t20ii Firmware Tm-t20iii Tm-t20iii Firmware Tm-t88vi Tm-t88vi-ihub Tm-t88vi-ihub Firmware Tm-t88vi Firmware Tm-t88vii Tm-t88vii Firmware Ub-e04 Ub-e04 Firmware Ub-r04 Ub-r04 Firmware

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2026-03-05T05:34:40.895Z

Updated: 2026-03-06T10:21:28.591Z

Reserved: 2026-01-16T02:20:20.477Z

Link: CVE-2026-23767

Vulnrichment

Updated: 2026-03-06T10:21:23.132Z

NVD

Status : Analyzed

Published: 2026-03-05T06:16:22.227

Modified: 2026-03-09T18:42:01.070

Link: CVE-2026-23767

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T13:00:12Z

Weaknesses

CWE-306

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object