CVE-2025-42598

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Apr 28, 2025

Updated: Apr 29, 2025

CWE ID 276

Summary

CVE-2025-42598 is a newly disclosed vulnerability affecting multiple SEIKO EPSON printer drivers for Windows OS. The issue arises due to the drivers being installed or used in languages other than English with improper access permission settings. An attacker can exploit this vulnerability by persuading a user to place a maliciously crafted DLL file in a specific location. Once the file is placed, the attacker gains the ability to execute arbitrary code on the affected Windows system with SYSTEM privilege. This poses a significant risk to the security of impacted systems, emphasizing the importance of keeping software up-to-date and implementing strict security policies.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Predator Still Active, with New Client and Corporate Links Identified

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Know What Matters

For Customers

For Partners

CVE-2025-42598

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations