Critical Vulnerability Affecting Multiple Printer Models

14 July 2025

Security updates have been released to address a critical vulnerability affecting multiple printer models belonging to Brother, Konica Minolta, and Toshiba.

Background

Printer manufacturers from Brother, Konica Minolta, and Toshiba have released security updates to address a critical vulnerability (CVE-2024-51978) affecting multiple printer models. This vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.

Impact

Successful exploitation of the authentication bypass could allow a remote unauthenticated attacker who knows the target device's serial number to generate its default administrator password.

Affected Products

This vulnerability affects a wide range of printers from the following vendors. Users are advised to refer to the respective vendors' advisories for the full list of impacted models and firmware versions:

Brother: https://support.brother.com/g/b/faqend.aspx?c=us&lang=en&prod=group2&faqid=faq00100846_000

Konica Minolta: https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0001.pdf

Toshiba Tec Corporation: https://www.toshibatec.com/information/20250625_02.html

Mitigation

Users and administrators of affected products are advised to change their printer's default password and update to the latest versions immediately.

Administrators are recommended to restrict access to the printer's admin interfaces over unsecured protocols and external networks.

References

https://www.bleepingcomputer.com/news/security/brother-printer-bug-in-689-models-exposes-default-admin-passwords/

https://nvd.nist.gov/vuln/detail/CVE-2024-51978

https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed/

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Critical Vulnerability Affecting Multiple Printer Models

Reach us