SEIKO EPSON and FUJIFILM Products SNMP Password Vulnerability Allowing Unauthorized Administrator Access
Vulnerability
A vulnerability exists in multiple products from SEIKO EPSON and FUJIFILM Corporation, where the default administrator password can be easily guessed using information available through SNMP. This vulnerability arises because some products use serial numbers as initial passwords, which can be retrieved via SNMP. If the default password is not changed, a remote attacker with SNMP access can log in with administrator privileges.
Impact
Exploitation of this vulnerability allows remote login with administrator privileges, potentially leading to unauthorized control and manipulation of the affected device.
Remediation
Users are advised to change the default administrator password, manage it securely, and connect the device to a firewall-protected network or a network with a private IP address. For specific instructions on changing the password, refer to the Fujifilm Important Notice or the SEIKO EPSON Vulnerability Announcement.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.