Brother printer bug in 689 models exposes default admin passwords

Gandalf_The_Grey

A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers.

The flaw, tracked under CVE-2024-51978, is part of a set of eight vulnerabilities discovered by Rapid7 researchers during a lengthy examination of Brother hardware.
This crucial vulnerability can be chained with other vulnerabilities discovered by Rapid7 to determine the admin password, take control of devices, perform remote code execution, crash them, or pivot within the networks they're connected to.

Not all of the flaws affect every one of the 689 Brother printer models, but other manufacturers, including Fujifilm (46 models), Konica Minolta (6), Ricoh (5), and Toshiba (2), are impacted as well.
Security bulletins with instructions on what users should do are available for Brother, Konica Minolta, Fujifilm, Ricoh, and Toshiba.
 
Every time I look at these news articles, I'm reminded of why I invested time years ago to set up a network printer/scanner server using CUPS and scanservjs on a Raspberry Pi Zero. No longer do I have to rely on those terrible firmware/drivers/software from companies that not only mine your data (hello HP), but also come packed with terrible security flaws and zero accountability.

The best part is that I can easily swap printers and retain the same infrastructure to access my devices, regardless of vendor. As long as Linux drivers are available, of course.
 
And that is why Linux will never be mainstream: the lack of working drivers for mainstream hardware like printers. Even GPU drivers on Linux are hit and miss.
 
