- Rapid7 -Research has revealed several printer vulnerabilities
- Brother, fujifilm, ricoh and toshiba printers are all in danger
- Rapid7 and Brother have released mackets and solutions
Brother Industries produces some of the best home printers on the market and has millions of machines across the globe.
But research from RAPID7 has found that hundreds of home and corporate brother models are vulnerable to several serious safety vulnerability.
What’s worse, one of the vulnerabilities cannot be patched with a simple software update, and the device needs to be redesigned to remove the error.
Millions of printers vulnerable
In total, RAPID7 found eight serious vulnerabilities that affected 689 models of brother units covered printers, scanners and label manufacturers. Due to the brother’s position in the supply chain, 46 Fujifilm models, five Ricoh models and two Toshiba models are also affected by the vulnerabilities.
The most serious vulnerability – an approval compass -vulnerability with a cvss score of 9.8 – allows an attacker to use the printer’s standard access code to take over the device and potentially access connected systems. By acquiring the target unit serial number, the striker can generate the standard access code to the specific device.
Typically, the default passwords are generated during manufacture, which means that brother to alleviate this vulnerability must make changes to the manufacturing process to fully protect devices from being utilized by CVE-2024-51978.
The other vulnerabilities include methods of hackers to retrieve sensitive information on the device, trigger stack -based buffer overflow, force new TCP connections, perform arbitrary HTTP requests, go down on the device and reveal the passwords of a configured external device. The full details of these vulnerabilities and recommended remedies can be found here.
Rapid7’s research project was carried out with JPCert/CC and brother industries to help consumers and businesses be aware of the threats that the vulnerabilities are and the potential memories that can be used.
