Recent research by cybersecurity company Rapid7 has uncovered several serious security vulnerabilities affecting a wide range of Brother multifunction printers (MFPs) and other devices. These issues could potentially allow malicious actors to access sensitive information, take control of devices, or disrupt their operation.
Over the past year, Rapid7, in collaboration with Brother and other vendors, has identified several new security flaws affecting nearly 750 models from different manufacturers, including Brother, FUJIFILM, Ricoh, Toshiba, and Konica Minolta devices. These vulnerabilities range from information leaks to critical security bypasses and even device crashes.
One of the most critical flaws, tracked as CVE-2024-51978, enables an attacker to generate a device’s default administrator password without authentication. This vulnerability stems from the way some Brother devices produce default passwords during manufacturing, allowing malicious actors to gain full administrative control remotely. Exploiting this could lead to complete device takeover.
Brother has confirmed that this issue cannot be fully addressed through firmware updates alone. Instead, they are modifying manufacturing processes for future models to eliminate this vulnerability, while providing workarounds for existing devices.
Other significant vulnerabilities include:
- CVE-2024-51980 and CVE-2024-51981, which could allow unauthenticated attackers to perform server-side request forgery (SSRF) and initiate malicious network requests from the device.
- CVE-2024-51984, which could enable attackers to retrieve plaintext passwords for external services such as LDAP or FTP.
- CVE-2024-51977, which allows an attacker to access sensitive device details, such as serial numbers, via web services; these details could be used in targeted attacks.
- CVE-2024-51982 and CVE-2024-51983, which enable malicious actors to repeatedly crash devices, leading to denial-of-service conditions that disrupt operational availability.
For the full list of disclosures, as well as patching and mitigation steps, see Brother’s security notice.
Some general tips include:
- Update firmware: Check your device’s management console or your manufacturer’s support website for the latest firmware updates or advisories.
- Change default passwords: If your device still uses default credentials, change them immediately.
- Secure network access: Limit device access to trusted networks and consider disabling any unused, unnecessary services.
- Stay informed: Follow vendor advisories and security updates to ensure your devices remain protected.
Conclusion
This discovery highlights the importance of regular security reviews and updates for network-connected devices, including printers and scanners. While most of the focus has been on Brother devices—since the vulnerabilities were first discovered and addressed in their models—it’s important to recognize that similar security issues are common across many network-connected printers and multifunction devices from multiple brands. In fact, some of these vulnerabilities or similar ones have been identified in other vendors’ products, though they may not yet have received fixes or disclosures.
If you own a FUJIFILM, Ricoh, Toshiba, or Konica Minolta based device, check the manufacturer’s support page for available notices or updates.
For further analysis and updates on these vulnerabilities, see Rapid7’s report on their official website.