A significant security vulnerability affects 689 Brother printers and several other major brands due to default administrator passwords that attackers can generate. This flaw, CVE-2024-51978, cannot be fully fixed with firmware updates and poses serious risks including remote code execution and device control.
Key points
- The flaw involves default administrator passwords generated during manufacturing, which are easily reversible.
- Attackers can exploit vulnerabilities to gain control, trigger crashes, or perform remote code execution on affected printers.
- Manufacturers like Brother, Fujifilm, Toshiba, and Konica Minolta are impacted, with firmware fixes available but not sufficient for CVE-2024-51978.
- The password algorithm uses reversible hashing based on the device's serial number, making it predictable for attackers.
- Users should immediately change default passwords and restrict printer access over unsecured networks to mitigate risks.