Brother is known for producing high-quality home printers, enjoying widespread popularity with millions of devices in use globally. However, a recent study by Rapid7 has uncovered significant security vulnerabilities affecting numerous Brother models, as well as some from other brands. The research identified eight vulnerabilities in a staggering 689 Brother products, including printers, scanners, and label printers.
Additionally, 46 models from Fujifilm, six from Konica Minolta, five from Ricoh, and two from Toshiba were also found to be at risk due to their reliance on Brother components. The vulnerabilities range in severity, with scores from moderate (5.3) to critical (9.8) on the Common Vulnerability Scoring System (CVSS), intensifying the need for immediate attention. One concerning issue revolves around the weak password generation algorithm used by Brother, which relies on the device’s serial number and a static table.
Cybercriminals can exploit this weakness by retrieving the serial number of the printer and using it to generate the default password, thereby gaining control over the device. This could potentially lead to further attacks on other devices within the same network. Additional vulnerabilities may allow hackers to access sensitive data, cause printer crashes, establish unauthorized network connections, or expose passwords linked to connected devices.
For those who own affected devices, immediate action is required. Unfortunately, the critical password vulnerability is rooted in the manufacturing process and cannot be resolved through software updates. Brother intends to address this issue in future models.
In the meantime, it is crucial for users to manually change their admin passwords from the default settings. Other protective measures include updating firmware, implementing a strong admin password, and securing the device behind a firewall or placing it on a separate network. Restricting network access, such as limiting which hosts can connect to port 9100, is also recommended.
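As an added illustration of the firewall and port-9100 restriction recommended above (this is not code from Brother or Rapid7), the following shell function emits an nftables ruleset for the gateway in front of a printer VLAN; the printer, print-server and admin-host addresses are constructed placeholders, and TCP 80/443 are assumed to be the printer's web-admin ports.

```shell
#!/bin/sh
# Added example: build an nftables ruleset that lets only a designated print
# server reach a printer's raw-print port (TCP 9100), lets only one admin host
# reach its web-admin UI (TCP 80/443, assumed ports), and stops the printer
# itself from opening new connections into the rest of the network.
# Usage: printer_ruleset <printer_ip> <print_server_ip> <admin_host_ip>

printer_ruleset() {
    printer="$1"
    print_server="$2"
    admin_host="$3"
    cat <<EOF
table inet printer_guard {
    chain forward {
        type filter hook forward priority 0; policy accept;
        # replies to already-accepted flows keep working
        ct state established,related accept
        # raw print port: only the print server may connect
        ip daddr $printer tcp dport 9100 ip saddr $print_server accept
        ip daddr $printer tcp dport 9100 drop
        # web admin UI (assumed ports): only the admin workstation may connect
        ip daddr $printer tcp dport { 80, 443 } ip saddr $admin_host accept
        ip daddr $printer tcp dport { 80, 443 } drop
        # the printer must not initiate connections to other hosts
        ip saddr $printer ct state new drop
    }
}
EOF
}

# Constructed sample addresses (RFC 5737 documentation range); replace them
# with your own and load the result on the gateway with:
#   printer_ruleset 192.0.2.10 192.0.2.20 192.0.2.30 | nft -f -
```

Print clients then submit jobs through the print server rather than directly to the device, and the drop rules also catch any attempt by a compromised printer to pivot onward.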
Brother is collaborating with Rapid7 and JPCERT/CC to address these vulnerabilities, but users must take prompt measures to safeguard their devices.