Primary

Context

Epson USB Display Unquoted Service Path Vulnerability Allowing Elevated Privileges

Vulnerability

A vulnerability exists in Epson USB Display version 1.6.0.0, specifically within the EMP_UDSA service, which runs with LocalSystem privileges. This vulnerability is due to an unquoted service path, allowing attackers to place malicious executables in intermediate directories. Exploitation of this vulnerability could lead to unauthorized elevated access on the system.

Impact

Exploitation of this vulnerability could result in unauthorized elevated privileges on the affected system.

Reproduction

The vulnerability can be reproduced by placing a malicious executable in a directory along the unquoted service path. The EMP_UDSA service can then be started, which will execute the malicious payload with LocalSystem privileges.

Added: Jan 23, 2026, 5:34 PM

Updated: Jan 23, 2026, 10:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.2

remediation

0.0

relevance

2.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.2

remediation

0.0

relevance

2.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Epson USB Display Unquoted Service Path Vulnerability Allowing Elevated Privileges

Vulnerability

Impact

Reproduction

Affected Products

Epson USB Display

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating