Brother manufactures some of the best home printers on the market, with millions of devices sold and in use around the world. However, research by Rapid7 has now revealed that many Brother models—as well as other brands—are vulnerable to several serious security flaws.
Hundreds of printer models worldwide are affected by these vulnerabilities, especially Brother devices. And as BleepingComputer reports, some of them can’t even be fixed.
Hackers can figure out Brother passwords
Rapid7’s investigation uncovered eight vulnerabilities in 689 Brother models, which include printers, scanners, and label printers. Meanwhile, 46 Fujifilm, 6 Konica Minolta, 5 Ricoh, and 2 Toshiba models were also affected as they use Brother components. The severity of the vulnerabilities ranges from moderate (CVSS score 5.3) to critical (CVSS score 9.8), which emphasizes the urgency of the issue.
The most dangerous vulnerability, known as CVE-2024-51978, allows attackers to determine a printer’s default admin password. Brother uses a weak algorithm that generates the password from the device’s serial number and a static table. According to BleepingComputer, attackers can use the printer’s serial number (which can be retrieved via other vulnerabilities) to generate the default password and gain control of the device. This would also allow them to attack other devices in the network.
Other vulnerabilities allow hackers to access sensitive data from the printer, cause the printer to crash, establish unauthorized network connections, or disclose passwords of connected devices. Further details can be found in the Rapid7 report.
What should you do if you’re affected?
Brother has provided firmware updates for 7 of the 8 vulnerabilities, which can be downloaded from Brother’s support page.
Unfortunately, the critical password vulnerability can’t be fixed by an update as it occurs in the manufacturing process where default passwords are set. Brother plans to solve the problem in future models with a change in the manufacturing process. For existing devices, users must manually change the admin password on their devices from the default.
If you own an affected printer, you can protect yourself by updating the firmware, setting a secure admin password, and securing the device with a firewall or putting it on a separate network. Access to the printer, for example via port 9100, should be restricted.
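The article recommends restricting network access to the printer (port 9100 and the admin interface) to trusted hosts. The following script is an added example, not part of the article or Rapid7's research: it audits a set of connection records and flags any flow that reaches a printer service port from outside an approved management subnet, which is a quick way to verify that a firewall or VLAN segmentation policy is actually holding. The flow-log format, the printer addresses and the subnets are constructed for illustration and are not from the article.

```python
"""Audit network flows against a printer segmentation policy.

Added example (not from the article or Rapid7). The log format below is a
constructed one-line-per-flow format: "<timestamp> <src_ip> -> <dst_ip>:<port>".
Real deployments would feed this from firewall or NetFlow exports instead.
"""
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List, Tuple

# Ports commonly exposed by network printers. 9100 (raw/JetDirect) is the one
# the article names; the others are typical printing and admin services.
PRINTER_PORTS = {
    9100: "raw/JetDirect",
    515: "LPD",
    631: "IPP",
    80: "HTTP admin",
    443: "HTTPS admin",
}

# Constructed sample flows (assumption: 10.0.50.20 is a printer,
# 10.0.10.0/24 is the only subnet allowed to talk to it).
SAMPLE_FLOWS = """
2025-06-26T10:00:01 10.0.10.5 -> 10.0.50.20:9100
2025-06-26T10:00:02 10.0.10.5 -> 10.0.50.20:80
2025-06-26T10:00:03 192.168.1.77 -> 10.0.50.20:9100
2025-06-26T10:00:04 10.0.20.9 -> 10.0.50.20:443
2025-06-26T10:00:05 10.0.20.9 -> 10.0.60.1:22
"""


@dataclass(frozen=True)
class Finding:
    """A flow to a printer service port from an unapproved source."""
    src: str
    dst: str
    port: int
    service: str


def parse_flow(line: str) -> Tuple[str, str, int]:
    """Split one constructed flow record into (src_ip, dst_ip, dst_port)."""
    _timestamp, src, _arrow, dst_port = line.split()
    dst, port = dst_port.rsplit(":", 1)
    return src, dst, int(port)


def audit_flows(lines: Iterable[str], printer_hosts: Iterable[str],
                allowed_subnets: Iterable[str]) -> List[Finding]:
    """Return every flow that hits a printer port from outside the allow-list.

    Flows to non-printer hosts or to non-printer ports are ignored, so the
    output is only the policy violations a defender needs to act on.
    """
    allowed = [ipaddress.ip_network(n) for n in allowed_subnets]
    printers = {ipaddress.ip_address(h) for h in printer_hosts}
    findings: List[Finding] = []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        src, dst, port = parse_flow(line)
        if ipaddress.ip_address(dst) not in printers or port not in PRINTER_PORTS:
            continue
        src_ip = ipaddress.ip_address(src)
        if any(src_ip in net for net in allowed):
            continue
        findings.append(Finding(src, dst, port, PRINTER_PORTS[port]))
    return findings


def run_sample() -> List[Finding]:
    """Audit the constructed sample flows with the constructed policy."""
    return audit_flows(SAMPLE_FLOWS.splitlines(),
                       printer_hosts=["10.0.50.20"],
                       allowed_subnets=["10.0.10.0/24"])


if __name__ == "__main__":
    for f in run_sample():
        print(f"VIOLATION {f.src} -> {f.dst}:{f.port} ({f.service})")
```

In the sample, the two flows from 10.0.10.0/24 pass, the SSH flow to a non-printer host is ignored, and the two remaining flows (a raw-port connection from 192.168.1.77 and an HTTPS admin connection from 10.0.20.9) are reported. Running this regularly against real flow exports gives early warning that a segmentation rule was never applied or has been bypassed, which matters most for the unfixable default-password issue the article describes: if the admin interface is unreachable from untrusted networks, a derived default password is far less useful to an attacker.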
Brother is working with Rapid7 and JPCERT/CC to resolve the issues, but the password vulnerability remains a challenge. Users should act quickly to secure their devices and prevent future attacks.