Immediate updates needed for your Brother printer
US security firm Rapid7 has discovered security vulnerabilities in printers and multifunction devices from Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta. The vulnerabilities affect a total of 748 models across these brands and pose risks such as default password exposure, information leakage, and authentication bypass.
## Affected Models
Brother's range of printers, scanners, and label makers is the most affected, with 689 models being vulnerable. Fujifilm, Ricoh, Toshiba Tec, and Konica Minolta also have models affected, with 46, 5, 2, and 6 models respectively. It's worth noting that this vulnerability extends to devices that use Brother components but are manufactured by other OEMs [1][2][3].
## Key Vulnerabilities
The most critical vulnerability, CVE-2024-51978, allows a remote unauthenticated attacker to leak the device’s serial number and, using a weak default password generation algorithm, determine the default administrator password for the device. Other vulnerabilities include unauthorized access to sensitive data, device crashes, unauthorized network connections, and disclosure of passwords for connected devices [2][3][4].
## How Users Can Update and Mitigate Risks
Firmware updates have been provided by the manufacturers to address seven of the eight vulnerabilities. Users should check the official support websites for updated firmware and follow the installation instructions [3][4]. For the critical password vulnerability (CVE-2024-51978), which cannot be fixed via firmware update, users must manually change the default administrator password to a strong, unique password, disable remote management features if not required, and monitor device logs for suspicious activity [2][3][4].
Users should visit the official support sites or Rapid7’s documentation to verify if their specific printer model is affected [4]. To update the firmware, users can follow the sequence on the printer display: "Settings/Device Info/OK", then select "Firmware Update", press "OK", and follow the on-screen instructions. After updating, users should enter a new password and confirm it when prompted [2][3][4].
The default password for the printer can be found on or under the device. To change the administrator password, go to "Administrator/Login Password" after logging in with the default password. It is recommended to note down or store the new password in a password manager [2][3][4].
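For anyone looking after more than one device, the remediation steps above can be tracked per printer. The following is an added example, not code from Rapid7 or any vendor: the inventory CSV, its column names and the hostnames are constructed assumptions. It keeps the password check separate from the firmware check, because a firmware update does not clear CVE-2024-51978.

```python
import csv
import io

# Brands the article lists as affected. A brand match is only a first-pass
# filter; the exact model must still be checked against the vendor lists.
AFFECTED_BRANDS = {"brother", "fujifilm", "ricoh", "toshiba tec", "konica minolta"}

# Constructed sample inventory; column names are assumptions for this example.
SAMPLE_INVENTORY = """\
hostname,brand,firmware_updated,admin_password_changed,remote_mgmt_needed,remote_mgmt_enabled
prn-lobby,Brother,yes,no,no,yes
prn-hr,Brother,yes,yes,no,no
mfp-sales,Konica Minolta,no,yes,yes,yes
lbl-depot,brother,,,no,
prn-lab,ExampleVendor,no,no,no,yes
"""

def _yes(value):
    """Only an explicit 'yes' counts; blank or unknown is treated as not done."""
    return (value or "").strip().lower() == "yes"

def outstanding_actions(row):
    """Return the remediation steps from the article that are still open."""
    if row["brand"].strip().lower() not in AFFECTED_BRANDS:
        return []
    actions = []
    # CVE-2024-51978 is not fixed by firmware, so this check is independent of it.
    if not _yes(row["admin_password_changed"]):
        actions.append("change default admin password (CVE-2024-51978)")
    if not _yes(row["firmware_updated"]):
        actions.append("install vendor firmware update")
    # A blank remote_mgmt_enabled value is unknown, so assume it is switched on.
    mgmt_on = (row["remote_mgmt_enabled"] or "").strip().lower() != "no"
    if mgmt_on and not _yes(row["remote_mgmt_needed"]):
        actions.append("disable remote management")
    return actions

def triage(inventory_csv):
    """Map hostname -> open actions, devices still on the default password first."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    todo = {r["hostname"]: outstanding_actions(r) for r in rows}
    todo = {h: a for h, a in todo.items() if a}
    order = sorted(todo, key=lambda h: (not todo[h][0].startswith("change"), h))
    return {h: todo[h] for h in order}

if __name__ == "__main__":
    for host, actions in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: " + "; ".join(actions))
```

In the sample, `prn-lobby` has current firmware but is still listed first among the open items, since its default administrator password has not been changed.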
## Summary Table
| Brand | Number of Affected Models | Main Vulnerability | Remediation Steps |
|-----------------|--------------------------|---------------------------|------------------------------|
| Brother | 689 | Default password exposure | Firmware update, password change |
| Fujifilm | 46 | Default password exposure | Firmware update, password change |
| Ricoh | 5 | Default password exposure | Firmware update, password change |
| Toshiba Tec | 2 | Default password exposure | Firmware update, password change |
| Konica Minolta | 6 | Default password exposure | Firmware update, password change |
**Key Takeaway:** Update your device firmware for most vulnerabilities, but for the critical default password flaw, manually change the admin password immediately, as this cannot be patched via firmware [2][3][4].
In light of the vulnerabilities discovered in printers and multifunction devices, users should update their devices to mitigate the risks. Brother, with 689 affected models, has provided firmware updates that address several weaknesses; the most critical one, CVE-2024-51978, requires users to manually change the default administrator password.