Got a Brother printer? It could have a critical security flaw - how to check and what to do next

Brother / Elyse Betters Picaro / ZDNET

Hundreds of Brother printer models have been found to harbor a serious security flaw that can't be fully patched on existing devices. First noticed by Rapid7 in May and publicly disclosed on June 25, this unpatchable vulnerability lets an attacker who knows -- or can find out -- your printer's serial number generate its default administrator password.

Yes, the same password that's set in the factory and that many of us never change. But the "good" news is you can still protect yourself by changing that default password today.

What happened and how bad is it?

Rapid7's zero-day research has revealed eight security holes across 689 Brother printer, scanner, and label-maker models -- and an additional 59 devices from Fujifilm, Toshiba Tec, Ricoh, and Konica Minolta. Of those eight flaws, seven can be fully patched with firmware updates. But the big one -- CVE-2024-51978 -- can't be fixed on any device already sitting in your home or office.

CVE-2024-51978 carries a CVSS score of 9.8 "Critical" severity. Once an attacker knows a device's serial number, they can reconstruct the password, log in with full privileges, and launch all sorts of nastiness.

According to a detailed technical analysis by Rapid7, Brother uses a password generation algorithm during manufacturing that is easily reversible. An attacker who obtains your serial number (for example, via CVE-2024-51977) can reverse this process, recover your factory password, and log in with full privileges -- allowing them to reconfigure the device, access scans and address books, trigger remote code execution (CVE-2024-51979), or steal external-service credentials (CVE-2024-51984).

How many devices are susceptible?

In total, 748 devices across five vendors are affected by at least one of the eight vulnerabilities.

Beyond Brother's 689 models, there are:

  • 46 Fujifilm Business Innovation printers
  • 5 Ricoh printers
  • 2 Toshiba Tec devices
  • 6 Konica Minolta models

Not every flaw impacts every printer. For instance, only 695 models are vulnerable to the default-password bug, and around 208 models can be crashed remotely via the Denial-of-Service flaws (CVE-2024-51982 and CVE-2024-51983).

How to tell if your printer is affected

If you own a Brother printer, you can check to see if your model is affected on this Brother support page (PDF).

What's been fixed?

Brother has released firmware updates that patch seven of the eight vulnerabilities:

You can download these updates from Brother's support pages (under Printers, Scanners, or Label Printers). Fujifilm, Ricoh, Toshiba, and Konica Minolta have similarly published advisories and firmware for their affected models.

What should you do now?

The one remaining sore spot -- CVE-2024-51978 -- can't be patched retroactively. That means Brother's only remedy is to update its manufacturing line so that new printers ship with non-predictable default passwords. So, if you own an existing affected printer, you need to change the default admin password now. You can do that through the device's Web-Based Management menu.

Honestly, this serves as a good reminder: when you bring a new device home, even a printer, be sure to change its factory-set password.
