Sunday, June 29, 2025

New vulnerabilities in Brother (and other) Printers

 At least 8 vulnerabilities found in over 700 printer models from Brother and other vendors. Printers, scanners, label makers.
Add Fujifilm Business Innovation, Ricoh, Konica Minolta, and Toshiba. So, millions of devices.

Critical flaw: Allows device serial number to expose default administrator password. Thus any remote and unauthenticated attacker can access device administrator's functions. Printers are computers on your home network. DoS attacks, generate HTTP traffic, expose recently printed documents.

Brother advisory here. The vulnerability exposing the administrator password CAN NOT be patched. Other manufacture's advisories are available on their respective support sites. 

No comments:

Post a Comment