Buffer Overflow in EPSON Printer RAW Printing Service

CVE-2026-39047 is a buffer overflow vulnerability (CWE-121) in EPSON L14150 FL27PB printers that allows remote attackers to execute arbitrary code through the RAW Printing Service on TCP port 9100 (JetDirect). This vulnerability has a CVSS score of 7.5, indicating high severity. It affects organizations that deploy these EPSON printers in networked environments—particularly those in office settings, data centers, or managed print environments where the device is accessible over the network. Printers are frequently overlooked in security strategies, making them attractive pivot points for lateral movement and persistence once compromised.

While this specific CVE maps to CWE-121 and currently shows no active MITRE ATT&CK technique mappings, Casky's AI-driven skill engine would detect the attack patterns associated with exploitation attempts by identifying network reconnaissance on port 9100 (Service Enumeration), suspicious RAW print job submissions with oversized payloads (Exploitation), and post-execution indicators such as unexpected process creation or command execution on the printer or connected systems. Practitioners using Casky would see findings related to anomalous network traffic to printer services, malformed print requests that trigger memory violations, and potential command injection attempts—enabling detection before arbitrary code execution occurs. The extended reasoning capability would correlate these signals with printer vulnerability profiles and flag the L14150 FL27PB model as a high-risk asset requiring immediate patching or network isolation.