CVE-2026-39047

Vulnerability

A buffer overflow vulnerability exists in the RAW Printing Service (JetDirect/AppSocket) of EPSON L14150 FL27PB firmware. The service listens on TCP port 9100 and fails to properly validate the size of incoming print job data, leading to memory corruption when malformed payloads are processed [2]. The affected product is the EPSON L14150 FL27PB with the RAW Printing Service enabled [2].

Exploitation

An unauthenticated remote attacker with network access to TCP port 9100 can send a specially crafted RAW print job payload that exceeds buffer boundaries, triggering the overflow [2]. The PrintHack tool [1] demonstrates the ability to send such payloads, including a "bomb" mode for denial of service, which can be adapted for exploitation.

Impact

Successful exploitation may result in denial of service, parser instability, abnormal firmware behavior, and potential remote code execution at the firmware level [2]. The attacker gains the ability to execute arbitrary code on the printer, compromising its integrity and availability.

Mitigation

As of the publication date, no official patch has been released by EPSON. Users should restrict network access to TCP port 9100 to trusted hosts only, or disable the RAW Printing Service if not required. Monitor vendor advisories for future updates.