Multitudes of Brother Printers Found Riddled with Exploitable Software Vulnerabilities
In a recent development, cybersecurity firm Rapid7 has discovered eight zero-day bugs in Brother printers, one of which is a critical authentication bypass vulnerability (CVE-2024-51978). Rapid7 published a blog post describing these vulnerabilities last week.
The authentication bypass vulnerability allows a hacker to obtain the printer's default password, which could potentially enable them to reconfigure the target device or access functionality intended for authenticated users. It is important to note that there is no evidence that these bugs are currently being exploited in the wild.
To protect Brother printers affected by CVE-2024-51978, users are encouraged to take immediate action. The first step is to change the default administrator password on the affected printers via the Web Based Management interface. This step is crucial because the vulnerability allows attackers to generate the default admin password from the device's serial number, a weakness that firmware updates cannot fully remove on existing models.
In addition to changing the password, users should install the latest available firmware updates. Brother has released firmware updates addressing seven of the eight vulnerabilities discovered, and updating firmware reduces risks from other vulnerabilities. Users should check regularly for updates and install them as soon as they become available using Brother’s Firmware Update Tool.
If a firmware update for the model is not yet available, users should apply the workarounds Brother recommends for the remaining vulnerabilities, such as disabling the WSD function or TFTP where applicable. Operating the printer within a firewall-protected environment is also advisable to limit unauthorized network access.
It is worth noting that CVE-2024-51978 cannot be fully remediated through firmware updates for currently manufactured devices, because the default password is derived from the device serial number by a fixed algorithm at the manufacturing stage. Brother plans to resolve this fully in future models by changing the manufacturing process.
Brother Industries has acknowledged Rapid7's efforts in discovering the issues and has been in touch with security researchers since the bugs were first discovered last year, working to mitigate the issues. The company has also informed its customers about the mitigation on its website.
Interestingly, these bugs are not limited to Brother printers. They also affect several other printer brands, including Fujifilm, Ricoh, Toshiba, and Konica Minolta.
In conclusion, to ensure the security of their Brother printers, users should prioritize changing the default admin password, applying firmware updates promptly when available, and using firewall protections. These steps mitigate exposure to the critical authentication bypass vulnerability and other related security issues affecting hundreds of Brother printer models.