Brother printers (and printers from Fujifilm, Ricoh, Toshiba, and Konica Minolta) are affected by multiple vulnerabilities discovered by Rapid7, including a critical, unpatchable flaw (CVE-2024-51978) allowing attackers to generate default admin passwords if they know the device's serial number. While seven of the eight vulnerabilities have been patched, the critical one requires a manufacturing process change by Brother. The primary mitigation is to change the default administrator password.
