Local privilege escalation in Windows OS through installed EPSON printers installed in a non-English language

Vulnerability Reference: CVE-2025-42598

Description: If a user performs either of the following actions listed below, it is possible to overwrite some DLL files managed by the printer driver with all account privileges.

Step 1. Installs an Epson Windows Printer Driver in non-English OS environments.

Step 2. Changes the language to one other than English.

Impact: A third party may be able to execute arbitrary code to allow higher privilege access and escalation capabilities. There are currently no reports of attacks exploiting this vulnerability.

Solution: To ensure the security of your Epson product, please run the Epson Software Updater or download and install the Security vulnerability patch.

To help secure all devices, end-users and their administrators should always implement and maintain industry-standard security controls and practices in setting up and managing their networks.

For more information on securing your Epson product, visit our Security Guidebook.


The Software Patch Supports the following Operating Systems:

Windows® XP/XP Professional x64 Edition
Windows® Vista/Vista x64 Edition
Windows® 7/7 x64
Windows® 8/8 x64
Windows® 8.1/8.1 x64
Windows® 10/10 x64
Windows® 11 x64
Windows® Server 2003
Windows® Server 2008/2008 R2
Windows® Server 2016
Windows® Server 2019
Windows® Server 2022
Windows® Server 2025

 

For users already using Epson Software Updater


Run the Epson Software Updater and install the Epson Printer Driver Security Support Tool.
 

For those not yet using Epson Software Updater

 

  1. Download Epson Software Updater from the local Epson support page.
  2. Download the patch software via Epson Software Updater and then run it.

    screenshot of Epson Software Updater window showing Epson Printer Driver Secturity Support Tool selected to download


Epson Printer Driver Security Support Tool

For devices where the software updater is unavailable, please visit www.epson.com/support and navigate to your product's support page to download and install the Epson Printer Driver Security Support Tool.

Affected Models
Epson Artisan Series
Epson B Series
Epson ColorWorks CW-C6xx Series
Epson ET Series
Epson M Series
Epson PictureMate Series
Epson Stylus C Series
Epson Stylus CX Series
Epson Stylus NX Series
Epson Stylus Pro Series
Epson WorkForce Series
Epson XP Series
Epson Stylus Photo Series
Epson Stylus Photo R Series
Epson Stylus Pro Series
Epson Stylus Pro Series
Epson SureColor Series
Epson ML (Monna Lisa) Series
Epson SureLab D Series
Epson Universal Printer Driver
Credit:

We would like to thank private security researcher Erkan Ekici for his extensive work in identifying and sharing this security issue with us.