748 models of Ricoh, Konica Minolta, Fujifilm, Toshiba, and Brother copiers have vulnerabilities that expose passwords and leak information

Security company Rapid7 has reported eight vulnerabilities in printers, scanners, and other devices from Ricoh, Konica Minolta, Fujifilm, Toshiba Tec, and Brother. Each vulnerability poses risks such as default password exposure and information leakage, affecting a total of 748 models of devices.
Multiple Brother Devices: Multiple Vulnerabilities (FIXED) - Rapid7 Blog
Print Scan Hacks: Identifying multiple vulnerabilities across multiple Brother devices
(PDF file) https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf
Rapid7 discovered the following eight vulnerabilities. Some of the vulnerabilities include the ability to generate default passwords for devices and the ability to send arbitrary HTTP requests. Combining multiple vulnerabilities could lead to serious attacks.
CVE Identification Numbers | Risk of Exploitation | Affected Services | CVSS (Severity) |
---|---|---|---|
CVE-2024-51977 | Leaking confidential information | HTTP (port 80), HTTPS (port 443), IPP (port 631) | 5.3 (Warning) |
CVE-2024-51978 | Generate a Default Administrator Password | HTTP (port 80), HTTPS (port 443), IPP (port 631) | 9.8 (Urgent) |
CVE-2024-51979 | Buffer overflow | HTTP (port 80), HTTPS (port 443), IPP (port 631) | 7.2 (Important) |
CVE-2024-51980 | Forcing a TCP connection to be opened | Web services over HTTP (port 80) | 5.3 (Warning) |
CVE-2024-51981 | Force an arbitrary HTTP request | Web services over HTTP (port 80) | 5.3 (Warning) |
CVE-2024-51982 | Device crashes | PJL (port 9100) | 7.5 (Important) |
CVE-2024-51983 | Device crashes | Web services over HTTP (port 80) | 7.5 (Important) |
CVE-2024-51984 | External service password disclosure | LDAP, FTP | 6.8 (Warning) |
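For defenders taking inventory, the sketch below is an added example (not Rapid7's or any vendor's code) that maps the ports in the table above onto scan results and ranks hosts by the highest CVSS score among the services they expose. The nmap greppable (`-oG`) input, the addresses and the function names are constructed for illustration; an open port shows only that a listed service is reachable, not that the model is affected, so matches still need checking against the vendor advisories.

```python
import re

# Service exposure per CVE, taken from the table above: (CVE, CVSS, TCP ports).
# CVE-2024-51984 (LDAP, FTP) is omitted because the table lists no port for it.
CVE_PORTS = [
    ("CVE-2024-51977", 5.3, {80, 443, 631}),
    ("CVE-2024-51978", 9.8, {80, 443, 631}),
    ("CVE-2024-51979", 7.2, {80, 443, 631}),
    ("CVE-2024-51980", 5.3, {80}),
    ("CVE-2024-51981", 5.3, {80}),
    ("CVE-2024-51982", 7.5, {9100}),
    ("CVE-2024-51983", 7.5, {80}),
]

# Constructed sample of nmap greppable (-oG) output for a printer VLAN.
SAMPLE_SCAN = """\
Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, 631/open/tcp//ipp///, 9100/open/tcp//jetdirect///
Host: 192.0.2.11 ()\tPorts: 443/open/tcp//https///, 80/closed/tcp//http///
Host: 192.0.2.12 ()\tPorts: 9100/open/tcp//jetdirect///, 515/open/tcp//printer///
Host: 192.0.2.13 ()\tPorts: 22/open/tcp//ssh///
"""

def open_ports(scan_text):
    """Parse -oG lines into {host: set of open TCP ports}."""
    hosts = {}
    for line in scan_text.splitlines():
        m = re.match(r"Host: (\S+) .*?Ports: (.*)", line)
        if not m:
            continue
        ports = set()
        for entry in m.group(2).split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[1] == "open" and fields[2] == "tcp":
                ports.add(int(fields[0]))
        hosts[m.group(1)] = ports
    return hosts

def triage(scan_text):
    """Return [(host, max CVSS, [CVE ids])] for hosts exposing a listed service, worst first."""
    rows = []
    for host, ports in open_ports(scan_text).items():
        hits = [(cve, score) for cve, score, svc in CVE_PORTS if ports & svc]
        if hits:
            rows.append((host, max(s for _, s in hits), [c for c, _ in hits]))
    return sorted(rows, key=lambda r: (-r[1], r[0]))

if __name__ == "__main__":
    for host, score, cves in triage(SAMPLE_SCAN):
        print(f"{host}  max CVSS {score}  {', '.join(cves)}")
```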
The devices affected by the vulnerabilities include 5 Ricoh models, 6 Konica Minolta models, 46 Fujifilm models, 2 Toshiba Tec models, and 689 Brother models, totaling 748 models. However, not every model is affected by all eight vulnerabilities; each model is affected by several of the eight. The number of devices affected by each vulnerability is as follows:

Rapid7 has published proof-of-concept code for the vulnerabilities at the following link:
GitHub - sfewer-r7/BrotherVulnerabilities: Multiple Brother Devices: Multiple Vulnerabilities (CVE-2024-51977, CVE-2024-51978, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984)
https://github.com/sfewer-r7/BrotherVulnerabilities

In addition, the device manufacturers have published pages summarizing how to respond to the vulnerabilities.
Vulnerability Information | Global | Ricoh
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000007
Regarding the impact of multiple vulnerabilities in Konica Minolta bizhub 4020i/4000i multifunction printers - Important Notice | Konica Minolta
https://www.konicaminolta.jp/business/support/important/250625_01_01.html
Notice and request regarding multiple vulnerabilities in some models of our DocuPrint series: Fujifilm Business Innovation
https://www.fujifilm.com/fb/company/news/notice/2025/0625_announce.html
Toshiba Tec: Vulnerabilities in some Toshiba Tec digital multifunction printers
https://www.toshibatec.co.jp/information/20250625_02.html
Addressing Security Vulnerabilities | Brother
https://support.brother.com/g/b/faqend.aspx?c=as_ot&lang=en&prod=group2&faqid=faq00100846_000
Addressing Security Vulnerabilities | Brother
https://support.brother.com/g/b/faqend.aspx?c=as_ot&lang=en&prod=group2&faqid=faq00100848_000
Addressing Security Vulnerabilities | Brother
https://support.brother.com/g/b/faqend.aspx?c=as_ot&lang=en&prod=lmgroup1&faqid=faqp00100620_000