Hundreds Of Brother Printer Models Along With Some From Other Vendors At Risk Of Pwnage
Rapid7 has discovered eight vulnerabilities affecting 689 Brother printers. But 46 models from other brands are also at risk of being pwned, including models from Fujifilm, Toshiba, Ricoh, and Konica Minolta. You can read the details here, but here’s the TL;DR:
Rapid7 conducted a zero-day research project into multifunction printers (MFP) from Brother Industries, Ltd. This research resulted in the discovery of 8 new vulnerabilities. Some or all of these vulnerabilities have been identified as affecting 689 models across Brother’s range of printer, scanner, and label maker devices. Additionally, 46 printer models from FUJIFILM Business Innovation, 5 printer models from Ricoh, 2 printer models from Toshiba Tec Corporation, and 6 models from Konica Minolta, Inc. are affected by some or all of these vulnerabilities. In total, 748 models across 5 vendors are affected.
Here’s the worst vulnerability:
The most serious of the findings is the authentication bypass CVE-2024-51978. A remote unauthenticated attacker can leak the target device’s serial number through one of several means, and in turn generate the target device’s default administrator password. This is due to the discovery of the default password generation procedure used by Brother devices. This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device’s unique serial number, during the manufacturing process. Brother has indicated that this vulnerability cannot be fully remediated in firmware, and has required a change to the manufacturing process of all affected models.
So if you own a Brother printer, you should change your administrator password ASAP. Newer Brother printers won’t have this vulnerability, as the company will change how it generates the default password at the factory. But that doesn’t help anyone who owns one of these printers right now. The other vulnerabilities will be fixed via firmware updates, so you should check your vendor’s website to see what you need to do in that regard.
Related
This entry was posted on July 1, 2025 at 11:59 am and is filed under Commentary with tags Rapid7. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.