DEV Community

Linda Mbeki
Linda Mbeki

Posted on

🚨 Printer Security Alert: Rapid7 Uncovers Critical CVSS 9.8 Flaws in Brother & Other MFPs

#cybersecurity #vulnerabilities #infosec

By Linda Mbeki — June 26, 2025 · 4 min read

printer vulnerability
Hey everyone, Linda here! I wanted to share some urgent security news that affects thousands of multifunction printers (MFPs) from major vendors like Brother, FUJIFILM Business Innovation, Ricoh, and Toshiba Tec. Rapid7 just revealed a set of eight serious vulnerabilities impacting 742 different printer models.

The most critical one — CVE-2024-51978 — scores a CVSS 9.8 and lets attackers bypass authentication using only the printer’s serial number. Yep, no password needed!

What’s Going On?

Brother’s default password system converts a serial number into the admin password, which attackers can easily figure out remotely.

Why this matters:

  • Over 690 Brother models are affected
  • Firmware updates can’t fully fix it — Brother had to change manufacturing to secure new devices
  • Legacy printers get a workaround, but it’s not ideal

The Worst-Case Scenario: Remote Code Execution

Another flaw, CVE-2024-51979, is a stack buffer overflow that attackers can use once they’re “in” from the first flaw. Put them together and you have a chain allowing full remote code execution (RCE).

How attackers exploit this chain:

  1. Discover printer serial number via network protocols like PJL or SNMP
  2. Calculate default admin password
  3. Authenticate and exploit buffer overflow
  4. Run arbitrary code on the device remotely

Other Vulnerabilities in the Mix

  • CVE-2024-51977: Information leakage exposing serial numbers
  • CVE-2024-51980 / 51981: SSRF enabling network pivoting
  • CVE-2024-51982 / 51983: Denial-of-Service crashes
  • CVE-2024-51984: Password exposure via LDAP/FTP configs

What Should You Do Now?

  • Update your printer firmware immediately
  • Change default admin passwords
  • Restrict SNMP and PJL network access
  • Follow vendor-specific mitigation guides

Final Thoughts

Printers might seem like simple devices, but they’re increasingly targeted as weak network entry points. Make sure you treat them with the same security rigor as your servers!

If you found this useful, follow me here on Dev.to for more cybersecurity updates and deep dives. Feel free to share your printer security tips or questions below!

— Linda Mbeki

Top comments (0)