Impact of the "Apache Log4j" vulnerability issue on Epson products

Last updated December 24, 2021
Issue date December 23, 2021
Epson Europe BV

Thank you for your continued patronage of Epson products.

A security vulnerability "Apache Log4j Vulnerability" (CVE-2021-44228) has been announced. This vulnerability could allow a remote third party to send crafted data to execute arbitrary commands in the Java-based logging library Apache Log4j provided by the Apache Software Foundation as open source.

Reference: Information-technology Promotion Agency (IPA) website

Apache Log4j vulnerability countermeasures (CVE-2021-44228)

On December 22, 2021, we completed the impact investigation of this vulnerability for all Epson products (hardware, software) and all services including the cloud. As a result of the investigation, it was confirmed that all Epson products and services are not affected by this vulnerability.

 

Epson product category for which the survey has been completed

Includes all software such as firmware, drivers, and utilities installed in respect of the hardware of the following products.

MFP Multifunctional printer (CIJ/BIJ/LIJ)
SFP Single function printer (CIJ/BIJ)
LFP Large format printer
Laser Printer/ Laser MFP
SIDM
Scanner
All network option devices
Epson Connect
Business projector / home projector
Head mount display (smart glasses)
Wristable GPS watch
M-Tracer
Pulsense
POS / business Small printer
Digital camera/ Photo Viewer
Commercial Equipment (SureLab)
PaperLab
Robot