According to reports, 689 Brother printer models, as well as 53 other models from Fujifilm, Toshiba and Konica Minolta, are vulnerable to attacks targeting their administrator passwords. Security researchers recently discovered eight printer vulnerabilities. Their severity ratings range from 5.3 (moderate) to 9.8 (severe), so their potential harm should not be underestimated.

By chaining these vulnerabilities, an attacker can take remote control of a printer, leading to a series of security issues such as remote code execution, printer crashes and leakage of sensitive information.

Among them, CVE-2024-51978 has the highest score, 9.8, and mainly affects Brother printers.


Figure: Number of models affected by each vulnerability

The root cause is that Brother printers use a weak default-password generation algorithm. The algorithm concatenates the first 16 characters of the device serial number with 8 bytes from a static salt table, hashes the result with SHA-256, Base64-encodes the digest, takes the first 8 characters of that string and substitutes some of them to form the password.

Because the salt table and substitution rules are static, an attacker who obtains the serial number, for example by chaining the other disclosed vulnerabilities, can derive the default administrator password.

To make matters worse, the researchers said of CVE-2024-51978: "Brother states that this vulnerability cannot be fully fixed in firmware and will only address the issue during the production of next-generation printer models."