Security researchers have discovered a serious vulnerability in hundreds of Brother printer models that allows remote attackers to generate default administrator passwords. The issue affects 689 Brother models and 53 models from other manufacturers.
G. Ostrov
Rapid7, in conjunction with JPCERT/CC, has discovered a critical vulnerability in Brother printers' default password generation system. The issue affects 689 Brother printer models, as well as 53 models from Fujifilm, Toshiba, and Konica Minolta.
Nature of the vulnerability
The vulnerability, assigned CVE-2024-51978, lies in the fact that the default administrator password is generated based on the device's serial number. If an attacker obtains the printer's serial number, they can automatically generate the corresponding administrator password.
The situation is worsened by the presence of a second vulnerability, CVE-2024-51977, which allows obtaining the device's serial number remotely without authentication. The combination of these two vulnerabilities makes the attack particularly dangerous.
Scope of the problem
Particularly concerning is the fact that this vulnerability cannot be fixed through firmware updates on existing printers. This means that millions of devices worldwide remain vulnerable to attacks.
Affected devices include both home and enterprise printers, creating serious information security risks for organizations and private users.
Protection recommendations
Brother printer users are strongly advised to:
- Immediately change the default administrator password
- Restrict network access to printers through firewalls
- Regularly check device access logs
- Where possible, isolate printers in separate network segments
For more detailed information about the vulnerability, it is recommended to consult official security sources.
If you encounter any problems, contact us, we will help quickly and professionally!