Slashdot: Brother Printer Bug In 689 Models Exposes Millions To Hacking

Source URL: https://hardware.slashdot.org/story/25/06/26/2351234/brother-printer-bug-in-689-models-exposes-millions-to-hacking?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot

Summary: Rapid7 has recently identified significant vulnerabilities in hundreds of printer models, particularly from Brother, exposing millions of devices to potential attacks. The most critical flaw allows attackers to bypass authentication using default passwords tied to printer serial numbers.

Detailed Description: The report details serious vulnerabilities affecting a wide range of multifunction printers, emphasizing the impacts on security and compliance within organizations that utilize these devices. Key highlights include:

- **Vulnerable Devices**: The vulnerability affects 689 models from Brother, along with models from several other manufacturers, including Fujifilm, Ricoh, Konica Minolta, and Toshiba, indicating a widespread security issue.
- **Critical Vulnerability (CVE-2024-51978)**:
  - Allows remote and unauthenticated attackers to bypass authentication.
  - Attackers can derive the default administrator password, which is generated during manufacturing, from the device's serial number.
  - This vulnerability can be combined with CVE-2024-51977, an information disclosure flaw that lets an attacker extract the device's serial number.
- **Exploitable Attacks**: The vulnerabilities can lead to various attacks, including:
  - Denial of Service (DoS) attacks.
  - Unauthorized access to configure the device or misuse functionalities meant for authenticated users.
  - Overriding functionality through stack overflow attacks or issuing arbitrary HTTP requests.
- **Severity Ratings**: The vulnerabilities vary in severity from medium to critical, with six out of the eight identified flaws being exploitable without authentication.
- **Mitigation Efforts**: Brother has addressed most vulnerabilities with patches, but CVE-2024-51978 requires procedural changes in manufacturing future devices, indicating a long-term solution is needed to prevent exploitation in existing devices.

This incident highlights the critical need for organizations to maintain robust security protocols for device management, emphasizing the importance of monitoring for firmware updates and understanding device vulnerabilities as part of their overall security posture. Security and compliance professionals should prioritize assessing the security of all networked devices, including printers, to mitigate potential risks within their infrastructure.