CVE-2026-23767: Missing authentication for critical function in Seiko Epson Corporation ESC/POS
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
AI Analysis
Technical Summary
CVE-2026-23767 is a vulnerability in the ESC/POS printer control language developed by Seiko Epson Corporation. ESC/POS is widely used to control receipt printers and other point-of-sale devices. The vulnerability arises because ESC/POS lacks any form of user authentication or command authorization, meaning that any entity able to send commands to a printer can execute critical functions without restriction. Additionally, ESC/POS does not implement controls to restrict the sources or destinations of network communications, allowing potentially any device on the network to communicate with the printer. Commands are transmitted without encryption or integrity protection, exposing them to interception, tampering, or replay attacks. This combination of missing security controls enables attackers to send unauthorized commands to printers, which could result in unauthorized printing, leakage of sensitive information printed on receipts, denial of printing services, or manipulation of printer behavior. The vulnerability affects all products implementing ESC/POS, making it widespread across many retail and industrial environments globally. Although no known exploits have been reported in the wild, the lack of authentication and encryption significantly lowers the barrier to exploitation, especially in poorly segmented or unsecured networks. The absence of a CVSS score necessitates a severity assessment based on the vulnerability's characteristics and potential impact.
Potential Impact
The impact of CVE-2026-23767 is significant for organizations that rely on ESC/POS-enabled printers, particularly in retail, hospitality, and manufacturing sectors. Attackers can exploit this vulnerability to send unauthorized print commands, potentially causing operational disruptions such as printing fraudulent receipts, altering transaction records, or overwhelming printers with excessive jobs leading to denial of service. Confidentiality may be compromised if sensitive information printed on receipts or labels is intercepted or manipulated. Integrity is at risk because attackers can alter print outputs or inject malicious commands. Availability of printing services can be disrupted, impacting business operations that depend on timely and accurate printing. Since ESC/POS is widely implemented globally, the scope of affected systems is broad. The ease of exploitation without authentication or user interaction increases the risk, especially in environments where printers are accessible over untrusted networks or poorly segmented internal networks. While no exploits are currently known in the wild, the vulnerability presents a clear risk that could be leveraged in targeted attacks or insider threat scenarios.
Mitigation Recommendations
To mitigate CVE-2026-23767, organizations should implement network segmentation to isolate ESC/POS-enabled printers from untrusted or public networks, limiting access only to authorized devices and users. Deploy firewall rules or access control lists (ACLs) to restrict communication to and from printer devices, allowing only trusted IP addresses and ports. Use virtual LANs (VLANs) or dedicated subnets for printer devices to reduce exposure. Monitor network traffic for unusual or unauthorized printer commands using intrusion detection or prevention systems (IDS/IPS). Where possible, replace or upgrade to printers or firmware versions that support authentication and encrypted communication protocols. Employ physical security controls to prevent unauthorized access to printers. Educate staff about the risks of connecting printers to unsecured networks. Additionally, consider implementing compensating controls such as print job logging and alerting to detect suspicious activity. Regularly review and update network and device configurations to ensure compliance with security policies.
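The print job logging and alerting described above can be sketched as follows. This is an added example, not code from the advisory or from Seiko Epson. The capture format, subnet, rate threshold and command baseline are assumptions to be replaced with values learned from a site's own traffic.

```python
import ipaddress
from collections import Counter

# Assumptions (not from the advisory): jobs are captured from a mirror port or
# print proxy as (epoch_seconds, source_ip, raw_payload) records.
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.30.0/28")]  # constructed POS subnet
MAX_JOBS_PER_MINUTE = 3                                     # assumed site threshold
# Two-byte command prefixes this site's POS software normally emits
# (assumed baseline): ESC @, ESC a, ESC !, GS V.
BASELINE = {b"\x1b@", b"\x1ba", b"\x1b!", b"\x1dV"}

def command_prefixes(payload: bytes) -> set:
    """Heuristic inventory of ESC/GS command prefixes. Arguments are not
    parsed, so bytes inside image data can produce spurious prefixes."""
    found, i = set(), 0
    while i < len(payload) - 1:
        if payload[i] in (0x1B, 0x1D):      # ESC or GS lead byte
            found.add(payload[i:i + 2])
            i += 2
        else:
            i += 1
    return found

def review_jobs(jobs):
    """Return (source, reason) alerts for a list of captured print jobs."""
    alerts = []
    per_minute = Counter()
    for ts, src, payload in jobs:
        addr = ipaddress.ip_address(src)
        if not any(addr in net for net in ALLOWED_SOURCES):
            alerts.append((src, "source not allowlisted"))
        per_minute[(src, ts // 60)] += 1
        # Alert once per source and minute, when the threshold is first crossed.
        if per_minute[(src, ts // 60)] == MAX_JOBS_PER_MINUTE + 1:
            alerts.append((src, "job rate exceeded"))
        for prefix in sorted(command_prefixes(payload) - BASELINE):
            alerts.append((src, "unexpected command " + prefix.hex()))
    return alerts

# Constructed sample data: an ordinary receipt and four captured jobs.
RECEIPT = b"\x1b@\x1ba\x01Total 12.50\n\x1dV\x00"
SAMPLE_JOBS = [
    (1000, "10.20.30.5", RECEIPT),
    (1010, "10.20.30.5", RECEIPT),
    (1020, "192.168.7.44", RECEIPT),                     # outside the POS subnet
    (1030, "10.20.30.6", b"\x1b@\x1d(A\x02\x00\x00\x02"),  # prefix not in baseline
]
```

Because ESC/POS carries no authentication, the source address is the only identity available to this check, so it complements the segmentation and ACL controls rather than replacing them.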
Affected Countries
United States, Japan, Germany, China, United Kingdom, France, South Korea, Canada, Australia, Brazil
Technical Details
- Data Version: 5.2
- Assigner Short Name: jpcert
- Date Reserved: 2026-01-16T02:20:20.477Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 69a91cb5d1a09e29cbe4c252
Added to database: 3/5/2026, 6:03:33 AM
Last enriched: 3/5/2026, 6:18:06 AM
Last updated: 3/5/2026, 9:14:46 AM