Millions of Brother Printers Are Full of Hackable Bugs

Gizmodo, 30-06-2025
Brother makes some solid, reliable printers. Indeed, for several years running, The Verge named it the best printer you should buy. Unfortunately, the company's devices appear to be riddled with new zero-day bugs that could allow a savvy cybercriminal to hijack them.
The vulnerabilities were discovered by cybersecurity firm Rapid7, which published a blog post about the bugs last week. Rapid7's researchers found a total of eight new zero-day vulnerabilities in the machines. The eight bugs vary in severity, but one stands out: CVE-2024-51978 is an authentication bypass that lets an attacker who learns a printer's serial number compute its default administrator password. The researchers break it down like so:
A remote unauthenticated attacker can leak the target device's serial number through one of several means, and in turn generate the target device's default administrator password. This is due to the discovery of the default password generation procedure used by Brother devices. This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device's unique serial number, during the manufacturing process. Brother has indicated that this vulnerability cannot be fully remediated in firmware, and has required a change to the manufacturing process of all affected models.
Researchers originally contacted Brother Industries last year, and the printing company and the researchers have been in touch since then, working to mitigate the issues. According to Rapid7, the bugs also affect printers sold under several other brands, including Fujifilm, Ricoh, Toshiba, and Konica Minolta.
Dark Reading notes that millions of devices appear to be affected. Luckily, the researchers note that there is no evidence the bugs are being exploited in the wild, and Brother has issued firmware updates for the vulnerabilities. The catch, as the Rapid7 description above makes clear, is that the default-password flaw cannot be fully fixed by firmware on devices that have already been built: the password was derived from the serial number at the factory, so it stays computable by an attacker until the owner replaces it.
In addition to installing patches, users are also encouraged to change the default administrator password. Doing so neutralises CVE-2024-51978, since the attack only ever yields the factory default; an intruder who has derived the old password gains nothing from it once a new one is set. If you don't change it, the researchers warn, an attacker could 'use this default administrator password to either reconfigure the target device, or access functionality only intended for authenticated users.'
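The Rapid7 description above boils down to one design property: the default password is a deterministic function of a public identifier, so anyone who knows the function and leaks the serial number can reproduce it. The following Python is an added illustration of that property and of why changing the password closes the hole; it is not Brother's or Rapid7's code, and the derivation (SHA-256 over the serial plus a fixed constant), the constant, the serial number and the password length are all made up for the demo and do not reproduce the vendor's actual procedure.

```python
"""Why a default password derived from a public identifier is not a secret.

Added illustration for the CVE-2024-51978 write-up above; not Brother's code.
The derivation below (SHA-256 of the serial plus a fixed constant) is a
stand-in that models the property Rapid7 describes, namely that the default
password is a deterministic function of the device serial number. It is NOT
the vendor's real procedure; the constant, serial and lengths are invented.
"""
import hashlib
import hmac
import secrets
import string

# Stand-in for a constant baked into every unit's firmware (hypothetical value).
# Once extracted from a single firmware image it protects nothing.
FIRMWARE_CONSTANT = b"example-fixed-salt"
PASSWORD_LEN = 8


def derive_default_password(serial: str) -> str:
    """Deterministic default: same serial -> same password, on every device."""
    digest = hashlib.sha256(serial.encode("ascii") + FIRMWARE_CONSTANT).hexdigest()
    return digest[:PASSWORD_LEN]


def random_default_password(length: int = 12) -> str:
    """Per-device secret drawn from a CSPRNG at manufacture and printed on the
    device label. No function of the serial number reproduces it."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def attacker_recovers_password(leaked_serial: str) -> str:
    """What a remote attacker can do after leaking the serial: rerun the
    reverse-engineered derivation offline. The device is never asked for
    its stored password, so rate limiting on login does not help."""
    return derive_default_password(leaked_serial)


def password_still_default(serial: str, current_password: str) -> bool:
    """Owner-side check: is the configured admin password still the
    derivable default? Constant-time compare so the check itself does not
    leak how much of the guess matched."""
    return hmac.compare_digest(current_password, derive_default_password(serial))


def demo() -> dict:
    serial = "X1A23B456789C012"  # constructed serial, not a real device
    weak = derive_default_password(serial)       # factory default, derived
    strong = random_default_password()           # owner-chosen replacement
    return {
        "derived_default_recoverable": attacker_recovers_password(serial) == weak,
        "random_default_recoverable": attacker_recovers_password(serial) == strong,
        "flagged_before_change": password_still_default(serial, weak),
        "flagged_after_change": password_still_default(serial, strong),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The point of the two factories is the threat model: with `derive_default_password` the attacker's work is a serial-number leak plus one hash, which no firmware update on an already-built unit can undo; with `random_default_password` the same leak yields nothing. `password_still_default` is the check an administrator would run against an inventory to find printers that were never changed from the factory value.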
Gizmodo reached out to Brother Industries for more information. In a statement shared Wednesday, the company said: 'Brother would like to thank Rapid7 for their efforts in discovering the issues. We have informed our customers about the mitigation on our website.'

Related Articles

Microsoft just fixed over 107 flaws including one serious zero-day — update your PC right now

Tom's Guide, 2 days ago

Yesterday was Microsoft's August 2025 Patch Tuesday, and it was a busy one: the company issued patches for 107 vulnerabilities, including one publicly disclosed zero-day in Windows Kerberos. Bleeping Computer reports that thirteen of the fixed flaws were rated critical: nine remote code execution bugs, three information disclosure bugs and one elevation of privilege. The zero-day, tracked as CVE-2025-53779, is a Windows Kerberos elevation of privilege vulnerability that would let an authenticated attacker gain domain administrator privileges over a network. According to Microsoft, however, exploiting it requires elevated access to two attributes of a delegated Managed Service Account (dMSA): msds-groupMSAMembership, which lets the attacker use the dMSA, and msds-ManagedAccountPrecededByLink, to which the attacker needs write access so they can specify a user the dMSA can act on behalf of. Microsoft credits the discovery to Yuval Gordon of Akamai, who published a technical report on the flaw in May.

ESET Research: Russian RomCom group exploits new vulnerability, targets companies in Europe and Canada

Yahoo, 4 days ago

If you use WinRAR or other affected components, such as the Windows versions of its command line utilities or the portable UnRAR source code, upgrade immediately to the latest version. ESET researchers have discovered a previously unknown zero-day vulnerability in WinRAR being exploited in the wild by the Russia-aligned group RomCom. Analysis of the exploit led to the discovery of the vulnerability, now assigned CVE-2025-8088: a path traversal vulnerability made possible through the use of alternate data streams. After notification, WinRAR released a patched version on July 30, 2025. Successful exploitation attempts delivered various backdoors used by the RomCom group, specifically a SnipBot variant, RustyClaw, and the Mythic agent. The campaign targeted financial, manufacturing, defense, and logistics companies in Europe and Canada.

BRATISLAVA, Slovakia, Aug. 11, 2025 (GLOBE NEWSWIRE) -- ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by the Russia-aligned group RomCom. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 and July 21, 2025, targeting financial, manufacturing, defense, and logistics companies in Europe and Canada. The aim of the attacks was cyberespionage. This is at least the third time that RomCom has been caught exploiting a significant zero-day vulnerability in the wild.

'On July 18, we observed a malicious DLL named in a RAR archive containing unusual paths that caught our attention. Upon further analysis, we found that the attackers were exploiting a previously unknown vulnerability affecting WinRAR, including the then-current version 7.12. On July 24, we contacted the developer of WinRAR; the same day the vulnerability was fixed in a beta version, with a full version released a few days later. We advise WinRAR users to install the latest version as soon as possible to mitigate the risk,' says ESET researcher Peter Strýček, who made the discovery along with fellow ESET researcher Anton Cherepanov.

The vulnerability, CVE-2025-8088, is a path traversal vulnerability made possible via the use of alternate data streams. Disguised as an application document, the weaponized archives exploited the path traversal flaw to compromise their targets. In the spearphishing email, the attackers sent a CV, hoping that a curious target would open it. According to ESET telemetry, none of the targets were compromised. The attackers, however, had conducted reconnaissance beforehand, and the emails were highly targeted. Successful exploitation attempts delivered various backdoors used by the RomCom group, specifically a SnipBot variant, RustyClaw, and the Mythic agent.

ESET Research attributes the observed activities to RomCom with high confidence based on the targeted region, tactics, techniques, and procedures (TTPs), and the malware used. RomCom (also known as Storm-0978, Tropical Scorpius, or UNC2596) is a Russia-aligned group that conducts both opportunistic campaigns against selected business verticals and targeted espionage operations. The group's focus has shifted to include espionage operations collecting intelligence, in parallel with its more conventional cybercrime operations. The backdoor used by the group is capable of executing commands and downloading additional modules to the victim's machine. It is not the first time that RomCom has used exploits to compromise its victims. In June 2023, the group performed a spearphishing campaign targeting defense and governmental entities in Europe, with lures related to the Ukrainian World Congress.

'By exploiting a previously unknown zero-day vulnerability in WinRAR, the RomCom group has shown that it is willing to invest serious effort and resources into its cyberoperations. The discovered campaign targeted sectors that align with the typical interests of Russian-aligned APT groups, suggesting a geopolitical motivation behind the operation,' concludes Strýček. For a more detailed analysis and technical breakdown of RomCom's latest campaign, see the ESET Research blogpost 'Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability'.

An updated Siri that interacts with apps reportedly won't be here until next spring

Engadget, 5 days ago

A Siri that does way more than just setting a timer or writing down a reminder may still be nearly a year away. According to Bloomberg's Mark Gurman, Apple plans to release an overhauled version of Siri in the spring, enhanced by the new App Intents feature. Gurman reported that the upgraded Siri will handle more complex tasks within apps, like commenting on an Instagram post, adding an item to your cart in a shopping app, or editing a specific photo and sending it afterwards. After a disappointing delay, Apple is playing catch-up to deliver on previous claims of an improved Siri. According to Gurman, the company is testing App Intents with its own apps but also with third-party apps, including AllTrails, Amazon, Facebook, Threads, Temu, Uber, WhatsApp and YouTube. For apps that handle more sensitive information, like banking apps, Gurman said that Apple may impose certain restrictions or leave those apps out of App Intents entirely. Apple gave us the first glimpse of this smarter Siri during WWDC 2024, where Apple Intelligence was the focus of the annual conference. However, the company delayed the release of the updated Siri in March, explaining that "it's going to take us longer than we thought to deliver on these features" and adding that the upgrades would be rolled out "in the coming year." Apple was even sued for false advertising after releasing a TV ad featuring Bella Ramsey that showed off Siri capabilities that were not available to the public following the release of the iPhone 16.
