
Security flaws discovered in hundreds of Brother printers and related devices pose a critical risk to users worldwide, according to a detailed investigation by cybersecurity firm Rapid7. The study identified eight vulnerabilities affecting 689 models, including Brother's widely used printers, scanners, and label printers, as well as products from Fujifilm, Konica Minolta, Ricoh, and Toshiba that are built on Brother components. The severity of these flaws ranges from moderate to critical, with the worst scoring 9.8 on the CVSS scale, a rating reserved for flaws that can be exploited remotely without authentication and give the attacker full control of the device.
Chief among these concerns is CVE-2024-51978, which reveals a fundamental weakness in Brother's approach to default administrator password generation. Instead of assigning a unique, randomly generated password to each unit, Brother's devices derive the default password from the device's serial number using a fixed algorithm. A serial number is not a secret: Rapid7 found it can be read remotely by an unauthenticated attacker through a separate information-disclosure flaw (CVE-2024-51977), and it is also exposed through ordinary device-identification channels and printed on the unit itself. Anyone who learns the serial number and the algorithm can therefore compute the admin password and obtain full administrative control of any device still using its default credential. That access can be used to change printer settings, intercept documents and scans passing through the device, or use the printer as a foothold for attacks on the rest of the network. The remaining vulnerabilities allow attackers to remotely crash printers, extract sensitive information, and, with authenticated access, disclose the credentials the device stores for configured external services such as directory or file servers, which compounds the risk once the admin password is known.
In response, Brother has issued firmware updates that patch seven of the eight vulnerabilities. The default-password flaw is the exception: because the default password is generated and assigned when each unit is manufactured, Brother and Rapid7 state that it cannot be fully remediated by a firmware update on devices already built. Brother has announced that it is changing its manufacturing process so that future models ship with securely generated default passwords, but existing devices remain exposed unless their owners act. Users are strongly advised to change the default administrator password immediately to a strong, unique credential and to install the latest firmware, which closes the other seven flaws, including the one that leaks the serial number.
Further security measures are also recommended to mitigate risk. Network administrators should place printers behind firewalls, restrict access to the device's print and management services (for example TCP port 9100 for raw printing and the web-based administration interface) to the hosts that genuinely need them, and ideally isolate printers on their own network segment away from critical business infrastructure. Brother's cooperation with Rapid7 and JPCERT/CC is ongoing, with the aim of monitoring and responding to emerging threats. This situation highlights the growing challenge of securing Internet-connected office devices, which often lack robust protections despite their essential role in daily business operations. Users and IT teams must remain vigilant and act quickly to prevent attackers from exploiting these critical vulnerabilities.
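The following Python example, added here to illustrate the design flaw described above and the remediation advice, is not code from the article, from Rapid7, or from Brother. It does not reproduce Brother's real password algorithm (which this page does not give); instead it uses a hypothetical stand-in with the same security-relevant shape, a password that is a pure function of the serial number, and contrasts it with a per-device random default. It also shows a fleet audit that flags devices still answering to the derived default, using a simulated login and a constructed inventory of made-up hostnames and serial numbers so that it runs offline.

```python
import base64
import hashlib
import math
import secrets
import string
from typing import Callable, Dict, List

# --- The flaw, in miniature ---------------------------------------------------

def derive_default_password_hypothetical(serial: str) -> str:
    """Hypothetical stand-in for a serial-number-derived default password.

    This is NOT Brother's actual algorithm (the page does not reproduce it);
    it only shares the property that matters: the output is a pure function
    of the serial number, with no per-device secret mixed in.
    """
    digest = hashlib.sha256(serial.encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")[:8]


def attacker_recovers_default(leaked_serial: str) -> str:
    """An attacker who learns the serial number (through an information leak,
    a device-identification query, or the label on the chassis) needs nothing
    else: the derivation is fixed, so the password follows directly."""
    return derive_default_password_hypothetical(leaked_serial)


# --- What a sound default looks like -------------------------------------------

PASSWORD_ALPHABET = string.ascii_letters + string.digits


def generate_default_password_random(length: int = 16) -> str:
    """Per-device default drawn from a CSPRNG at manufacturing time.
    No attribute of the device (serial, MAC, model) lets anyone recompute it."""
    return "".join(secrets.choice(PASSWORD_ALPHABET) for _ in range(length))


def entropy_bits(length: int, alphabet_size: int = len(PASSWORD_ALPHABET)) -> float:
    """Guessing cost of a uniformly random password of this shape.
    A serial-derived password has at most the entropy of the serial number,
    and effectively zero once the serial is known."""
    return length * math.log2(alphabet_size)


# --- Fleet audit: which devices still accept the derived default? ---------------

def audit_fleet(inventory: Dict[str, str],
                try_login: Callable[[str, str], bool],
                derive: Callable[[str], str] = derive_default_password_hypothetical,
                ) -> List[str]:
    """Return hostnames whose admin login still accepts the serial-derived default.

    `inventory` maps hostname -> serial number (from asset records).
    `try_login(host, password)` performs one authentication attempt against a
    real device; it is injected so the audit logic itself runs offline.
    `derive` would be replaced by the vendor's actual algorithm in a real audit.
    """
    return [host for host, serial in inventory.items()
            if try_login(host, derive(serial))]


# --- Constructed sample fleet (hypothetical hosts and serials, not real devices) -

SAMPLE_INVENTORY = {
    "printer-lobby.example": "E7XX000111",
    "printer-finance.example": "E7XX000222",
    "printer-hr.example": "E7XX000333",
}

# Simulated current admin passwords: two devices still use the (hypothetical)
# derived default, one was rotated to a random credential.
_SIMULATED_ADMIN_PASSWORDS = {
    "printer-lobby.example": derive_default_password_hypothetical("E7XX000111"),
    "printer-finance.example": generate_default_password_random(),
    "printer-hr.example": derive_default_password_hypothetical("E7XX000333"),
}


def simulated_login(host: str, password: str) -> bool:
    """Stand-in for a real authentication attempt against the device's admin UI."""
    return secrets.compare_digest(_SIMULATED_ADMIN_PASSWORDS[host], password)


def still_on_default() -> List[str]:
    """Run the audit against the constructed sample fleet."""
    return audit_fleet(SAMPLE_INVENTORY, simulated_login)


if __name__ == "__main__":
    print("derived (hypothetical) default for E7XX000111:",
          attacker_recovers_default("E7XX000111"))
    print("example random per-device default:", generate_default_password_random())
    print("entropy of a 16-char random default: %.1f bits" % entropy_bits(16))
    print("devices still on the derived default:", still_on_default())
```

In a real deployment `try_login` would be an HTTP request against each printer's administration page and `derive` the vendor's published algorithm; the point of the audit is that a defender can check a whole fleet for the default credential exactly as cheaply as an attacker can, so it belongs in the same change window as the password rotation and firmware update the article recommends.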

