Brother printer owners should stop using the default password ASAP


TL;DR: Hackers have cracked Brother’s method of generating default admin passwords for hundreds of its printers, scanners, and label makers, putting users who haven't changed them at risk. Additionally, researchers found seven other serious vulnerabilities affecting Brother and other brands. Users should visit company websites for security advisories and update their firmware.

Security researchers at Rapid7 recently reported eight vulnerabilities affecting over 689 printers, scanners, and label makers manufactured by Brother. Several models from Fujifilm, Ricoh, Toshiba, and Konica Minolta are also impacted.

The most serious vulnerability (CVE-2024-51978) lets attackers discover default administrator passwords for Brother, Toshiba, and Konica Minolta devices if they have the device’s serial number. Hackers have already uncovered the method manufacturers use to generate unique default passwords from serial numbers.

Brother cannot patch the hole because it generates the default passwords during the manufacturing process. The company has already updated its password generator, so devices made after March 2025 should be unaffected. However, users with older models should change their administrator passwords.

Meanwhile, several other vulnerabilities let attackers leak sensitive information, take control of devices, execute code remotely, or trigger crashes. Firmware updates to fix all of them are now available.

Brother has posted a list of affected devices on its support site, along with security advisories for printers, scanners, and label makers detailing the necessary fixes. Likewise, Fujifilm, Ricoh, Toshiba, and Konica Minolta have published similar guidance on their respective websites. Most remedies involve disabling WSD, turning off TFTP, or changing the administrator password.

Another flaw (CVE-2024-51982) allows attackers to repeatedly crash devices by connecting to TCP port 9100. Brother notes that installing new firmware is the only way to address this issue. However, some users may be hesitant to update since Brother began deliberately degrading print quality when its printers detect third-party toner.

Brother printers were once praised for supporting third-party toner, especially as HP drew criticism for locking customers into costly ink subscriptions. While third-party toner still functions in Brother devices, users cannot automatically register colors, and print quality is significantly degraded. Those concerned about these security vulnerabilities may want to weigh the risks against the potential savings on replacement ink.
