Description
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Published: 2026-03-05
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized printing and denial of service
Action: Patch Firmware
AI Analysis

Impact

ESC/POS, a printer control language used by Epson, lacks authentication, command authorization, controls over data origin and destination, and it transmits commands without encryption or integrity protection. An attacker who can reach the printer’s network interface could send arbitrary ESC/POS commands, resulting in unauthorized printing or denial of service. The description does not indicate that the attacker can execute firmware code or system code, only that commands are accepted without checks.

Affected Systems

This vulnerability affects Epson’s ESC/POS printers, including the SB‑H50, TM‑H6000V, TM‑L100, TM‑M10, and the TM‑M30 series (M30, M30II, M30III), the TM‑M55, the TM‑P20 series (P20, P20II), the TM‑P60II, the TM‑P80 series (P80, P80II), the TM‑T20 series (T20II, T20III), the TM‑T88VI, the TM‑T88VII, the UB‑E04, and the UB‑R04 models. All of these devices run firmware that exposes raw ESC/POS command interfaces without authentication or encryption, as reflected in the CPE entries provided.

Risk and Exploitability

The CVSS base score of 9.8 classifies this as a high severity vulnerability, but the EPSS score is below 1 %, indicating very low current exploitation probability. The vulnerability is not listed in the CISA KEV catalog, suggesting no widely known exploitation. Attackers are likely to target the ESC/POS service over the network; while the specific port number is not stated in the CVE description, it is inferred that the common port for raw printing (often TCP 9100) is used, and an attacker could inject malicious commands over an untrusted network.

Generated by OpenCVE AI on April 17, 2026 at 12:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply firmware updates that add authentication, command authorization, and encryption to the ESC/POS interface, if such an update has been released by Epson.
  • Configure firewalls to allow access to the printer only from trusted IP addresses and block unsolicited inbound connections to its ESC/POS service.
  • Segregate printer devices onto a dedicated VLAN or network segment and enforce strict access controls to limit communication to authorized devices.
  • If no firmware fix is available, use packet filtering or deep‑packet inspection to block unauthorized ESC/POS commands and restrict usage to locally connected printers only.

Generated by OpenCVE AI on April 17, 2026 at 12:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 17 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Title Unrestricted ESC/POS Commands Enable Unauthorized Printing

Mon, 09 Mar 2026 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Epson sb-h50
Epson sb-h50 Firmware
Epson tm-h6000v
Epson tm-h6000v Firmware
Epson tm-l100
Epson tm-l100 Firmware
Epson tm-m10
Epson tm-m10 Firmware
Epson tm-m30
Epson tm-m30 Firmware
Epson tm-m30ii
Epson tm-m30ii-h
Epson tm-m30ii-h Firmware
Epson tm-m30ii-s
Epson tm-m30ii-s Firmware
Epson tm-m30ii-sl
Epson tm-m30ii-sl Firmware
Epson tm-m30ii Firmware
Epson tm-m30iii
Epson tm-m30iii-h
Epson tm-m30iii-h Firmware
Epson tm-m30iii Firmware
Epson tm-m55
Epson tm-m55 Firmware
Epson tm-p20
Epson tm-p20 Firmware
Epson tm-p20ii
Epson tm-p20ii Firmware
Epson tm-p60ii
Epson tm-p60ii Firmware
Epson tm-p80
Epson tm-p80 Firmware
Epson tm-p80ii
Epson tm-p80ii Firmware
Epson tm-t20ii
Epson tm-t20ii Firmware
Epson tm-t20iii
Epson tm-t20iii Firmware
Epson tm-t88vi
Epson tm-t88vi-ihub
Epson tm-t88vi-ihub Firmware
Epson tm-t88vi Firmware
Epson tm-t88vii
Epson tm-t88vii Firmware
Epson ub-e04
Epson ub-e04 Firmware
Epson ub-r04
Epson ub-r04 Firmware
CPEs cpe:2.3:h:epson:sb-h50:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-h6000v:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-l100:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m10:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m30:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m30ii-h:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m30ii-s:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m30ii-sl:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m30ii:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m30iii-h:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m30iii:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-m55:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-p20:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-p20ii:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-p60ii:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-p80:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-p80ii:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-t20ii:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-t20iii:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-t88vi-ihub:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-t88vi:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:tm-t88vii:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:ub-e04:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:ub-r04:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:sb-h50_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-h6000v_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-l100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m10_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m30_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m30ii-h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m30ii-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m30ii-sl_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m30ii_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m30iii-h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m30iii_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-m55_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-p20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-p20ii_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-p60ii_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-p80_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-p80ii_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-t20ii_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-t20iii_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-t88vi-ihub_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-t88vi_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:tm-t88vii_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:ub-e04_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:epson:ub-r04_firmware:-:*:*:*:*:*:*:*
Vendors & Products Epson sb-h50
Epson sb-h50 Firmware
Epson tm-h6000v
Epson tm-h6000v Firmware
Epson tm-l100
Epson tm-l100 Firmware
Epson tm-m10
Epson tm-m10 Firmware
Epson tm-m30
Epson tm-m30 Firmware
Epson tm-m30ii
Epson tm-m30ii-h
Epson tm-m30ii-h Firmware
Epson tm-m30ii-s
Epson tm-m30ii-s Firmware
Epson tm-m30ii-sl
Epson tm-m30ii-sl Firmware
Epson tm-m30ii Firmware
Epson tm-m30iii
Epson tm-m30iii-h
Epson tm-m30iii-h Firmware
Epson tm-m30iii Firmware
Epson tm-m55
Epson tm-m55 Firmware
Epson tm-p20
Epson tm-p20 Firmware
Epson tm-p20ii
Epson tm-p20ii Firmware
Epson tm-p60ii
Epson tm-p60ii Firmware
Epson tm-p80
Epson tm-p80 Firmware
Epson tm-p80ii
Epson tm-p80ii Firmware
Epson tm-t20ii
Epson tm-t20ii Firmware
Epson tm-t20iii
Epson tm-t20iii Firmware
Epson tm-t88vi
Epson tm-t88vi-ihub
Epson tm-t88vi-ihub Firmware
Epson tm-t88vi Firmware
Epson tm-t88vii
Epson tm-t88vii Firmware
Epson ub-e04
Epson ub-e04 Firmware
Epson ub-r04
Epson ub-r04 Firmware

Fri, 06 Mar 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Epson
Epson esc Pos
Vendors & Products Epson
Epson esc Pos

Fri, 06 Mar 2026 11:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 05 Mar 2026 06:00:00 +0000

Type Values Removed Values Added
Description ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Weaknesses CWE-306
References

Subscriptions

Epson Esc Pos Sb-h50 Sb-h50 Firmware Tm-h6000v Tm-h6000v Firmware Tm-l100 Tm-l100 Firmware Tm-m10 Tm-m10 Firmware Tm-m30 Tm-m30 Firmware Tm-m30ii Tm-m30ii-h Tm-m30ii-h Firmware Tm-m30ii-s Tm-m30ii-s Firmware Tm-m30ii-sl Tm-m30ii-sl Firmware Tm-m30ii Firmware Tm-m30iii Tm-m30iii-h Tm-m30iii-h Firmware Tm-m30iii Firmware Tm-m55 Tm-m55 Firmware Tm-p20 Tm-p20 Firmware Tm-p20ii Tm-p20ii Firmware Tm-p60ii Tm-p60ii Firmware Tm-p80 Tm-p80 Firmware Tm-p80ii Tm-p80ii Firmware Tm-t20ii Tm-t20ii Firmware Tm-t20iii Tm-t20iii Firmware Tm-t88vi Tm-t88vi-ihub Tm-t88vi-ihub Firmware Tm-t88vi Firmware Tm-t88vii Tm-t88vii Firmware Ub-e04 Ub-e04 Firmware Ub-r04 Ub-r04 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-03-06T10:21:28.591Z

Reserved: 2026-01-16T02:20:20.477Z

Link: CVE-2026-23767

cve-icon Vulnrichment

Updated: 2026-03-06T10:21:23.132Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-05T06:16:22.227

Modified: 2026-03-09T18:42:01.070

Link: CVE-2026-23767

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T13:00:12Z

Weaknesses