Millions of Brother Printers Are Full of Hackable Bugs


Brother makes some solid, reliable printers. Indeed, for several years running, The Verge called it the best printer you need to buy. Unfortunately, the company's devices appear to be riddled with newly disclosed zero-day bugs that could allow a malicious attacker to compromise them.

The vulnerabilities were discovered by the cybersecurity company Rapid7, which published a blog post about the bugs last week. The post explains that after some research, Rapid7's analysts found a total of eight new zero-day vulnerabilities in the machines. The vulnerabilities are all different, although one is particularly bad. CVE-2024-51978 is an authentication bypass vulnerability that could allow an attacker to obtain the printer's administrator password. The researchers describe it like this:

A remote, unauthenticated attacker can leak the target device's serial number through one of several means, and in turn generate the target device's default administrator password. This is due to the discovery of the default password generation procedure used by Brother devices. This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device's unique serial number, during the manufacturing process. Brother has indicated that this vulnerability cannot be fully remediated in firmware, and required a change to the manufacturing process of all affected models.

The researchers originally contacted Brother Industries last year, and the printer maker and the security researchers have been in touch since then, working on mitigations. According to the researchers, the bugs also affect several other printer brands, including Fujifilm, Ricoh, Toshiba and Konica Minolta.

Dark Reading notes that millions of devices appear to be affected. Fortunately, the researchers note that there is no evidence so far that the bugs are being exploited in the wild. Brother has also issued patches for the vulnerabilities.

In addition to installing the patches, users are also encouraged to change the default administrator password. That should neutralize the worst bug, CVE-2024-51978, which would otherwise allow an intruder to take over the machine. If you don't, the researchers warn that an attacker could "use this default management password to either reconfigure the target device, or access functionality only intended for authenticated users."

Gizmodo has reached out to Brother Industries for more information. In a statement shared on Wednesday, the company said: "Brother would like to thank Rapid7 for their efforts to discover these issues. We have informed our customers about the mitigation on our website."
