Brother releases firmware updates for hundreds of printers to address security issues


Jun 26, 2025 - 20:20

Security researchers at Rapid7 have discovered eight vulnerabilities in Brother printers that affect a total of 689 different printer models. Printers from Fujifilm Business, Ricoh, Toshiba, and Konica are also affected.

It is fair to say that most Brother printers appear to be affected by the issue. The company has created a PDF document that lists its devices and the security issues that affect them. The list covers inkjet printers and laser printers. You need the printer's model, e.g., MFC-L2710DN, which you find listed on the printer itself. Use the built-in search functionality to find out if a specific printer is affected and to what degree.

The PDF document contains update information for each printer as well. If you see "available" in the firmware update column, you know that updated firmware is available already. The next step is to visit the Brother website to download the firmware update utility or to check the admin interface for firmware updates.

Brother recommends changing the default administrator password of the printer after installation of the firmware update. If no firmware is available yet, it recommends implementing the workarounds (see below) and checking the support page for updates.

The most severe vulnerability

Rapid7 notes that the most severe of the vulnerabilities is an authentication bypass vulnerability. An unauthenticated hacker may exploit the vulnerability remotely to generate the default administrator password. If that password has not been changed, it would give the attacker access to the admin interface.

Brother notes that the vulnerability can't be remediated by firmware alone. This means that it is essential to change the default administrator password of your Brother printer immediately to protect it against potential attacks.

Note that all vulnerabilities require at least network or Web connectivity. If you do not connect the printer to the network or Internet, or have disabled functionality in the settings, then it may not be affected by some or all of the vulnerabilities.

Brother suggests the following workarounds for the vulnerabilities (these may impact some functionality):

  • CVE-2017-9765 Disable the WSD function.
  • CVE-2024-2169 Disable TFTP.
  • CVE-2024-51977 No Workaround.
  • CVE-2024-51978 Change the default administrator password.
  • CVE-2024-51979 Change the default administrator password.
  • CVE-2024-51980 Disable the WSD function.
  • CVE-2024-51981 Disable the WSD function.
  • CVE-2024-51982 No Workaround.
  • CVE-2024-51983 Disable the WSD function.
  • CVE-2024-51984 Change the default administrator password.

As you can see, workarounds are available for all but two of the reported issues.

Notes:

  • WSD refers to Web Services for Devices. You may be able to turn that off in the printer settings.
  • TFTP refers to the Trivial File Transfer Protocol. It is used to transfer files between clients and servers. You may be able to turn the feature off in the printer settings.
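
For administrators with more than one printer, the workaround list can be turned into a per-device triage. The following is an added example, not code from Brother, Rapid7 or the original article; the inventory fields and the two EXAMPLE model names are hypothetical, and it assumes that an installed firmware update closes the listed CVEs apart from the password change Brother still requires.

```python
# Added example: residual-exposure triage built from the workaround list above.
from dataclasses import dataclass

# CVE -> workaround, exactly as listed in the article (None = "No Workaround").
WORKAROUNDS = {
    "CVE-2017-9765": "wsd", "CVE-2024-2169": "tftp",
    "CVE-2024-51977": None, "CVE-2024-51978": "password",
    "CVE-2024-51979": "password", "CVE-2024-51980": "wsd",
    "CVE-2024-51981": "wsd", "CVE-2024-51982": None,
    "CVE-2024-51983": "wsd", "CVE-2024-51984": "password",
}
ACTIONS = {
    "wsd": "Disable the WSD function",
    "tftp": "Disable TFTP",
    "password": "Change the default administrator password",
}

@dataclass
class Printer:  # hypothetical inventory record, not a Brother format
    model: str
    firmware_updated: bool
    password_changed: bool
    wsd_enabled: bool
    tftp_enabled: bool

def triage(p: Printer) -> dict:
    """Return the CVEs still open on one printer and the actions to take."""
    mitigated = {"wsd": not p.wsd_enabled, "tftp": not p.tftp_enabled,
                 "password": p.password_changed}
    open_cves, actions = [], []
    if not p.firmware_updated:
        actions.append("Install the firmware update when available")
        for cve, key in WORKAROUNDS.items():
            if key is None or not mitigated[key]:
                open_cves.append(cve)
                if key and ACTIONS[key] not in actions:
                    actions.append(ACTIONS[key])
    # The authentication bypass is not remediated by firmware alone, so the
    # password change is required even on updated devices.
    if not p.password_changed and ACTIONS["password"] not in actions:
        actions.append(ACTIONS["password"])
    return {"model": p.model, "open_cves": sorted(open_cves), "actions": actions}

# Constructed sample fleet (the first model name is the article's example).
FLEET = [
    Printer("MFC-L2710DN", False, False, True, False),
    Printer("EXAMPLE-PATCHED", True, False, True, True),
    Printer("EXAMPLE-HARDENED", False, True, False, False),
]

if __name__ == "__main__":
    for printer in FLEET:
        print(triage(printer))
```

The third device shows why the firmware update still matters after every workaround is applied: the two CVEs without a workaround stay open until it is installed.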

Additional information is provided on the Brother website.

Now You: do you use Brother printers? Are yours affected by the security issue? 

Thank you for being a Ghacks reader. The post Brother releases firmware updates for hundreds of printers to address security issues appeared first on gHacks Technology News.