Description
Buffer Overflow vulnerability in EPSON L14150 FL27PB allows a remote attacker to execute arbitrary code via the RAW Printing Service (JetDirect) on TCP port 9100
Published: 2026-05-20
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A buffer overflow exists in the RAW Printing Service (JetDirect) of EPSON L14150 FL27PB printers. The flaw allows an attacker to send a specially crafted packet over TCP port 9100, causing the printer firmware to execute arbitrary code; based on the description, it is inferred that the attacker may gain full system privileges, potentially compromising network security and data confidentiality.

Affected Systems

EPSON L14150 FL27PB printers running the default firmware that supports the RAW Printing Service on port 9100 are impacted. No additional version details are publicly available, so all units with this service enabled are considered vulnerable.

Risk and Exploitability

The vulnerability can be triggered remotely, but it is not stated whether authentication is required; based on the description, it is inferred that the attacker may not need credentials. The CVSS score is 7.5, indicating high severity, while the EPSS score is unavailable and the vulnerability is not listed in the KEV catalog. Exploitation would require network access to the printer’s port 9100 and can lead to compromise of the device and the surrounding network.

Generated by OpenCVE AI on May 20, 2026 at 19:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official firmware update or patch provided by EPSON for the L14150 FL27PB printers once it becomes available
  • Disable the RAW Printing Service on port 9100 or block access to that port using firewall rules if the service is not required
  • Implement network segmentation to isolate printers from critical assets and monitor network traffic for unusual activity on port 9100

Generated by OpenCVE AI on May 20, 2026 at 19:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 20 May 2026 20:15:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in Epson L14150 Printer RAW Printing Service Allows Remote Code Execution

Wed, 20 May 2026 18:45:00 +0000

Type Values Removed Values Added
Title EPSON L14150 Printer RAW Printing Service Buffer Overflow – Remote Code Execution
Weaknesses CWE-120

Wed, 20 May 2026 16:45:00 +0000

Type Values Removed Values Added
Title EPSON L14150 Printer RAW Printing Service Buffer Overflow – Remote Code Execution
Weaknesses CWE-120

Wed, 20 May 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 20 May 2026 15:30:00 +0000

Type Values Removed Values Added
Description Buffer Overflow vulnerability in EPSON L14150 FL27PB allows a remote attacker to execute arbitrary code via the RAW Printing Service (JetDirect) on TCP port 9100
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-20T15:31:28.235Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-39047

cve-icon Vulnrichment

Updated: 2026-05-20T15:31:21.543Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-20T16:16:25.630

Modified: 2026-05-20T17:31:45.303

Link: CVE-2026-39047

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-20T20:00:12Z

Weaknesses