Vulnerability Details CVE-2020-9014
In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A. \Device\EMPNSAUIO and \DosDevices\EMPNSAU are similarly affected.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.8%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- https://epson.com/Support/wa00935
- https://epson.com/wireless-projector-app
- https://github.com/FULLSHADE/Kernel-exploits
- https://github.com/FULLSHADE/Kernel-exploits/tree/master/EMP_NSAU.sys
- https://epson.com/Support/wa00935
- https://epson.com/wireless-projector-app
- https://github.com/FULLSHADE/Kernel-exploits
- https://github.com/FULLSHADE/Kernel-exploits/tree/master/EMP_NSAU.sys
Products affected by CVE-2020-9014
-
cpe:2.3:a:epson:iprojection:2.30