CNBC – In a digital landscape where cyber threats are constantly evolving, the spotlight is now on a surprisingly vulnerable everyday office staple: the printer. New reports indicate that hundreds of printer models, including a significant number from Brother, are susceptible to attacks targeting their administrator passwords.
Security researchers have uncovered eight distinct vulnerabilities, with severity ratings ranging from a concerning 5.3 to a near-critical 9.8. The potential damage these security flaws pose is significant.
Exploiting these vulnerabilities, malicious actors could remotely seize control of the affected printers. Such access could facilitate a range of malicious activities including the execution of remote code, leading to printer crashes and the potential exposure of sensitive information. That’s an outcome that could have serious implications for businesses, especially ones that handle classified documents.
The most severe vulnerability, designated CVE-2024-51978 and scoring a staggering 9.8, primarily impacts Brother-branded printers.
Affected models for each identified vulnerability.
The root cause of the vulnerabilities lies in Brother’s password generation algorithm. The algorithm combines the first 16 characters of a printer’s serial number with eight bytes from a static salt table, then applies SHA-256 hashing followed by Base64 encoding. The resulting 8 characters are then modified to create the password. Because every input is either the serial number or a fixed value, the password is predictable rather than random, which is what makes it vulnerable.
Adding to the potential for disruption, the researchers found that CVE-2024-51978 cannot be fully addressed via firmware updates, according to the company. The issue reportedly needs to be resolved in future generations of the affected printers.
Original article, Author: Tobias. If you wish to reprint this article, please indicate the source: https://aicnbc.com/3485.html