Vulnerability Reference: CVE-2025-42598
Description:
If you perform either of the following actions, it is possible to overwrite some DLL files managed by the printer driver with all account privileges:
- Install Epson Windows Printer Driver in non-English OS environments.
- Change the language to one other than English.
Impact:
A third party may be able to execute arbitrary code to allow higher privilege access and escalation capabilities. Currently, there are no reports of attacks exploiting this vulnerability.
Countermeasures:
To ensure the security of your Epson product, please run the Epson Software Updater or download and install the Security vulnerability patch.
To help secure all devices, end-users and their administrators should always implement and maintain industry-standard security controls and practices in setting up and managing their networks.
For more information on securing your Epson product, visit our Security Guidebook.
Software Patch supports the following Operating Systems:
- Windows® XP/XP Professional x64 Edition
- Windows® Vista/Vista x64 Edition
- Windows® 7/7 x64
- Windows® 8/8 x64
- Windows® 8.1/8.1 x64
- Windows® 10/10 x64
- Windows® 11 x64
- Windows® Server 2003
- Windows® Server 2008/2008 R2
- Windows® Server 2012/2012 R2
- Windows® Server 2016
- Windows® Server 2019
- Windows® Server 2022
- Windows® Server 2025
For users who have installed Epson Software Updater:
Run the Epson Software Updater and install the Epson Printer Driver Security Support Tool version 1.0.0.0.
For users who do not have the Epson Software Updater:
Please download and install the Epson Printer Driver Security Support Tool by clicking the link below:
Epson Printer Driver Security Support Tool version 1.0.0.0
Credit
We thank private security researcher Erkan Ekici for his extensive work in identifying and sharing this security issue with us.