{"id":339267,"date":"2025-06-28T05:59:32","date_gmt":"2025-06-28T12:59:32","guid":{"rendered":"https:\/\/cms-articles.softonic.io\/en\/?p=339267"},"modified":"2025-07-01T14:16:41","modified_gmt":"2025-07-01T21:16:41","slug":"brother-under-threat-default-password-exploits-could-compromise-networks","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/brother-under-threat-default-password-exploits-could-compromise-networks\/","title":{"rendered":"Brother Under Threat: Default Password Exploits Could Compromise Networks"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">In a troubling revelation, cybersecurity firm Rapid7 has uncovered a series of significant vulnerabilities impacting hundreds of Brother Industries&#8217; devices, including printers, scanners, and label makers.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The investigation identified eight critical vulnerabilities across 689 models, raising alarms for both home and enterprise users worldwide.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Among these, the most severe flaw, labeled with a CVSS score of 9.8, allows attackers to exploit default passwords to take control of affected devices, potentially gaining access to connected networks.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Millions of printers, scanners, and label makers from Brother are at risk of being hit by eight new vulnerabilities.  
<a href=\"https:\/\/t.co\/1siWfjhdxM\">https:\/\/t.co\/1siWfjhdxM<\/a><\/p>&mdash; TechRadar (@techradar) <a href=\"https:\/\/twitter.com\/techradar\/status\/1938199780431397061?ref_src=twsrc%5Etfw\">June 26, 2025<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Cybersecurity Firm Uncovers Serious Flaws in Brother Printers and Scanners<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">This critical vulnerability, known as CVE-2024-51978, enables unauthorized users to generate a device&#8217;s default password by obtaining its serial number, facilitating unauthorized access and control.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Notably, remediation requires more than a software patch; the manufacturing process of these devices needs to be overhauled to ensure the default passwords are securely generated, posing a significant challenge for Brother Industries.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Furthermore, due to Brother&#8217;s integral role in the supply chain, several models from other manufacturers, including 46 models from Fujifilm, five from Ricoh, and two from Toshiba, are also impacted by these vulnerabilities. This wide-ranging effect raises concerns across the industry regarding similar vulnerabilities in interconnected devices.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">\ud83d\udea8 Rapid7 discovered 8 new vulnerabilities while researching multifunction printers. 742 models across 4 vendors are affected by some or all of these vulns. 
<br><br>Rapid7 and <a href=\"https:\/\/twitter.com\/jpcert_en?ref_src=twsrc%5Etfw\">@jpcert_en<\/a> worked with <a href=\"https:\/\/twitter.com\/hashtag\/BrotherIndustries?src=hash&amp;ref_src=twsrc%5Etfw\">#BrotherIndustries<\/a> to coordinate the vulnerability disclosure: <a href=\"https:\/\/t.co\/AOupYHaBqm\">https:\/\/t.co\/AOupYHaBqm<\/a> <a href=\"https:\/\/t.co\/dig0LInkTg\">pic.twitter.com\/dig0LInkTg<\/a><\/p>&mdash; Rapid7 (@rapid7) <a href=\"https:\/\/twitter.com\/rapid7\/status\/1937843336020209969?ref_src=twsrc%5Etfw\">June 25, 2025<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">The other identified vulnerabilities enable hackers to retrieve sensitive information, trigger stack-based buffer overflows, force new TCP connections, perform arbitrary HTTP requests, crash devices, and disclose the passwords stored in external service configurations.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Rapid7&#8217;s collaborative research with JPCERT\/CC and Brother Industries aims to inform stakeholders about these critical security flaws and highlight necessary mitigation strategies.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As technology continues to advance, the implications of such vulnerabilities serve as a stark reminder of the importance of cybersecurity in everyday devices. Consumers and businesses alike are encouraged to stay informed about potential risks and consider proactive measures to protect their data and systems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In a troubling revelation, cybersecurity firm Rapid7 has uncovered a series of significant vulnerabilities impacting hundreds of Brother Industries&#8217; devices, including printers, scanners, and label makers. The investigation identified eight critical vulnerabilities across 689 models, raising alarms for both home and enterprise users worldwide. 
Among these, the most severe flaw, labeled with a CVSS score &hellip; <a href=\"https:\/\/cms-articles.softonic.io\/en\/brother-under-threat-default-password-exploits-could-compromise-networks\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Brother Under Threat: Default Password Exploits Could Compromise Networks&#8221;<\/span><\/a><\/p>\n","protected":false},"author":9265,"featured_media":339268,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-339267","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/339267","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9265"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=339267"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/339267\/revisions"}],"predecessor-version":[{"id":339269,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/339267\/revisions\/339269"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/339268"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=339267"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=339267"},{"taxonomy":"post_tag","emb
eddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=339267"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=339267"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=339267"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=339267"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}