Brother Printer Bug In 689 Models Exposes Millions To Hacking
In a significant cybersecurity incident, researchers from Rapid7 have identified a critical vulnerability in 689 Brother printer models, as well as devices from Fujifilm Business Innovation, Ricoh, Konica Minolta, and Toshiba. The issue, tracked as CVE-2024-51978, allows attackers to bypass authentication and gain access to administrative functions, potentially enabling reconfiguration of devices and the exploitation of other vulnerabilities.
The most serious of the flaws, CVE-2024-51978, could be exploited to bypass authentication by obtaining the device’s default administrator password. This vulnerability could be combined with an information disclosure flaw, CVE-2024-51977, to obtain a device’s serial number, which is used to generate the default admin password. Rapid7 explained that the default password generation procedure employed by Brother devices transforms a serial number into a password, which is set during the manufacturing process.
Having the admin password enables an attacker to reconfigure the device or abuse functionality intended for authenticated users. The remaining vulnerabilities, rated at ‘medium’ and ‘high’ severity, can be exploited for Denial of Service (DoS) attacks, forcing the printer to open a TCP connection, obtain the password of a configured external service, trigger a stack overflow, and perform arbitrary HTTP requests. Six of the eight vulnerabilities found by Rapid7 can be exploited without authentication.
Brother has patched most of the flaws, but CVE-2024-51978 requires a new manufacturing process to fully resolve, which will apply only to future devices. The issue has raised significant concerns among cybersecurity professionals and enterprise users, as this vulnerability could lead to widespread data breaches and unauthorized access to sensitive information. Security experts are urging users to update their devices or contact Brother for further assistance in mitigating the risks associated with these vulnerabilities.
It is crucial for users to remain vigilant and apply the necessary security patches to protect their devices from potential cyber threats. The incident highlights the importance of addressing cybersecurity vulnerabilities in consumer and enterprise hardware, ensuring that manufacturers are held accountable for the security of their products. As the digital landscape continues to evolve, it is essential for both consumers and manufacturers to prioritize cybersecurity measures to safeguard against future threats.