← Volver a CVEs
CVE-2025-35970
HIGH7.5
Descripcion
On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado8/7/2025
Ultima modificacion8/7/2025
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-1391
Referencias
https://global.fujifilm.com/en/news/hq/697e(vultures@jpcert.or.jp)
https://jvn.jp/en/vu/JVNVU91363496/(vultures@jpcert.or.jp)
https://www.epson.jp/support/misc_t/250807_oshirase.htm(vultures@jpcert.or.jp)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.