
Printer updates in dire need of immediate attention, brother

Security researchers have found vulnerabilities in hundreds of Brother multifunction printer models. Owners of the affected models are advised to take two crucial actions.

Prompting for immediate printer updates necessary

In a recent revelation, cybersecurity firm Rapid7 has uncovered a series of security vulnerabilities affecting a wide range of multifunction printers (MFPs) from five major vendors: Brother, Fujifilm, Ricoh, Toshiba, and Konica-Minolta. A total of 748 models across these five vendors are impacted by these vulnerabilities [1][2][3].

### Key Vulnerabilities

The most critical vulnerability, CVE-2024-51978, is unique to Brother printers. This authentication bypass flaw allows a remote, unauthenticated attacker to leak the printer's serial number and generate the device's default administrator password based on this serial number. Unfortunately, according to Brother, this flaw cannot be fully fixed with firmware updates [1][2][3].

Other vulnerabilities found by Rapid7 range from medium to high severity and include Denial-of-Service (DoS) attacks, extraction of passwords for configured external services, stack overflow triggers, and the issuance of arbitrary HTTP requests. Six of the eight discovered vulnerabilities can be exploited without any authentication [1][5].

### Vendor Responses and Patches

Brother has released firmware updates that patch seven of the eight vulnerabilities; CVE-2024-51978 remains only partially mitigated, with an official workaround available for affected devices [1][3][5]. JPCERT/CC and the affected manufacturers have published security advisories detailing the vulnerabilities and mitigations. These vendors have released, or are expected to release, firmware updates that fix the other vulnerabilities on the affected models.

### Recommended Actions for Users

Users of Brother printers are advised to change the administrator password immediately, so that the default password derived from the serial number can no longer be used [2]. Users should also check for and apply firmware updates from their printer manufacturer's official website to address all patchable vulnerabilities. Because the most dangerous vulnerability cannot be fully fixed on existing devices, users should follow the official workaround for as long as the device remains in service, or replace the device.

Users of affected Fujifilm, Ricoh, Toshiba, and Konica-Minolta devices should consult their vendors' advisories and apply recommended patches or mitigations promptly [1][3][4].

### Summary Table of Actions by Vendor

| Vendor | Affected Models | Critical Flaw Status | Recommended Actions |
|----------------|-----------------|----------------------------------------|-----------------------------------------------------------------|
| Brother | 689 models | CVE-2024-51978 unpatchable, workaround | Change admin password, apply firmware updates, follow workaround |
| Fujifilm | 46 models | Some vulnerabilities patchable | Check advisories, apply firmware updates |
| Ricoh | 5 models | Some vulnerabilities patchable | Check advisories, apply firmware updates |
| Toshiba | 2 models | Some vulnerabilities patchable | Check advisories, apply firmware updates |
| Konica Minolta | 6 models | Some vulnerabilities patchable | Check advisories, apply firmware updates |

Users are advised to stay vigilant and monitor official vendor communications for future updates or recalls. Given the difficulty in fully patching some flaws, consider replacing devices if feasible to ensure long-term security [1][2][3].

For more information on the specific models affected, and for instructions on changing the password and checking for updates, refer to your printer manufacturer's official website or security advisory. It is also recommended to store the new password in a password manager for safekeeping.

  1. The security vulnerabilities discovered by Rapid7 affect multifunction printers (MFPs) from five vendors, and they include Denial-of-Service (DoS) attacks, password extraction, stack overflow triggers, and the issuance of arbitrary HTTP requests.
  2. In response to the discovered vulnerabilities, users are advised to stay vigilant, monitor official vendor communications, and apply the recommended firmware updates or patches to ensure the long-term security of their devices.
