Summary
- A critical vulnerability affecting 750 printer models allows hackers to remotely determine default administrator passwords.
- Cybersecurity firm Rapid7 discovered the flaws, with the most severe vulnerability having a CVSS rating of 9.8 out of 10.
- Manufacturers recommend changing default admin passwords to protect vulnerable printers from exploitation, as firmware updates cannot fix some flaws.
Your printer might not be the first entry point you think of for hackers. But you'd be surprised by how many vulnerabilities your printer has. And now, you might even have an unfixable one too.
The eight vulnerabilities were discovered by cybersecurity firm Rapid7, which worked with the affected companies for over a year before the public disclosure. The central and most critical vulnerability, identified as CVE-2024-51978 with a "Critical" CVSS rating of 9.8 out of 10, lies in the way default administrator passwords are generated at the factory. Attackers who can obtain a printer's serial number can use it to mathematically derive the default password.
Another issue, CVE-2024-51977, can allow an unauthenticated attacker to leak sensitive information from the printer, including its serial number. By chaining these two vulnerabilities, a remote attacker could potentially gain full administrative control over a vulnerable printer that is still using its factory-default password.
Once an attacker has administrative access, they can exploit the other six vulnerabilities discovered by Rapid7. These lesser, yet still significant, flaws could allow an attacker to retrieve sensitive data, crash the device, force the printer to open arbitrary TCP connections, execute unauthorized HTTP requests, and expose passwords for connected network services like LDAP and FTP. Each of these vulnerabilities might not do much by themselves, but all together, they could be actually dangerous.
How to Enable Windows Protected Print Mode (and Why You Should)
Your printer can't hurt you... can it?
Seven of the eight vulnerabilities can be patched by applying the latest firmware updates released by the manufacturers, but Brother has stated that the critical password generation flaw (CVE-2024-51978) "cannot be fully remediated in firmware." The company has indicated that a change in the manufacturing process will address the issue for future devices, but existing printers will continue to be vulnerable.
For the hundreds of thousands of vulnerable printers already in homes and offices, the main (and most urgent) recommendation from security experts and the manufacturers themselves is to immediately change the default administrator password. This can typically be done through the printer's web-based management interface. Once you've done that, attackers should not be able to exploit the unpatchable password generation flaw. If you feel insecure about it still, you can also replace your printer, but by replacing your password, this might not be necessary.
Source: The Verge
