AI description
CVE-2024-51978 is an authentication bypass vulnerability affecting multiple Brother printer models, as well as some models from FUJIFILM Business Innovation, Ricoh, Konica Minolta, and Toshiba Tec. It stems from a flaw in the default password generation procedure used by these devices, where the default administrator password is derived from the device's serial number during manufacturing. An unauthenticated attacker can exploit this vulnerability by first obtaining the target device's serial number through various means, including exploiting CVE-2024-51977 or querying the device via PJL or SNMP. With the serial number, the attacker can then generate the default administrator password, potentially allowing them to reconfigure the device or abuse functionalities intended for authenticated users.
- Description: An unauthenticated attacker who knows the target device's serial number can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP request.
- Source: cve@rapid7.com
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
- cve@rapid7.com: CWE-1391
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 7
Urgent Printer Alert: Critical Flaw (CVE-2024-51978, CVSS 9.8) Exposes Brother & Other Printers to Remote Takeover https://t.co/Xv2ehvf9lk
@the_yellow_fall
30 Jun 2025
19 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-32711 2 - CVE-2024-51978 3 - CVE-2025-6430 4 - CVE-2025-32433 5 - CVE-2020-9547 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
29 Jun 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-51978 - critical 🚨 Brother Printers – Authentication Bypass via Default Admin Password > By leaking a target device's serial number, a remote attacker can generate the target... 👾 https://t.co/kWpO48eIBH @pdnuclei #NucleiTemplate...
@pdnuclei_bot
29 Jun 2025
2060 Impressions
7 Retweets
41 Likes
13 Bookmarks
0 Replies
0 Quotes
Rapid7 has discovered eight security vulnerabilities in printers from Brother and other manufacturers, affecting a total of 689 models. The most critical of these vulnerabilities
@Teeegra
27 Jun 2025
1249 Impressions
1 Retweet
28 Likes
0 Bookmarks
0 Replies
0 Quotes
Brother printer bug in 689 models exposes default admin passwords 689 Brother printer models and 53 others from Fujifilm, Toshiba, and Konica Minolta. The most critical, CVE-2024-51978, allows remote attackers to generate default admin passwords using device serial numbers. This
@dCypherIO
27 Jun 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Multiple vulnerabilities in Brother devices ❗CVE-2024-51978 ❗CVE-2024-51982 ❗CVE-2024-51983 ❗CVE-2024-51979 ➡️More info: https://t.co/2rV2DXvUhF https://t.co/VwAwIZInx0
@CERTpy
27 Jun 2025
115 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A security flaw (CVE-2024-51978) affects 689 Brother printers and other brands, exposing default admin passwords that hackers can reverse. This enables remote control, crashes, and code execution. Firmware fixes are limited. ⚠️ #PrinterSecurity #CVE20245… https://t.co/QJ6vS
@TweetThreatNews
27 Jun 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🖨️ 748 printer models from Brother, FUJIFILM, Ricoh, and more hit by 8 major flaws. ⚠️ CVE-2024-51978 lets attackers generate default admin passwords. 🛠️ Fixes + workarounds released. Read more: https://t.co/TWT3ILGo0m #CyberSecurity #CVE #PrinterHacking https://t.c
@threatsbank
26 Jun 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
😱 Big news: Millions of Brother printers are exposed to critical vulnerabilities! Rapid7 reports over 700 models at risk. CVE-2024-51978 allows attackers remote access using default passwords. Ensure your devices are secure! Read more: https://t.co/FmKicRx9eq #DataBreach
@cybernews_ai
25 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
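Research by security firm Rapid7 uncovered eight zero-day vulnerabilities spanning 748 multifunction printer models from five vendors, including Brother. The most serious, CVE-2024-51978, is a critical flaw rated CVSS 9.8 that abuses the serial number conversion performed at manufacturing time, authentication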
@yousukezan
25 Jun 2025
855 Impressions
0 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes
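A vulnerability with a CVSS score of 9.8 in Brother multifunction printers and other devices. CVE-2024-51978 allows an unauthenticated attacker to generate the default administrator password from the device's serial number (which can be obtained via another vulnerability). The printer 7 reported by Rapid7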
@__kokumoto
25 Jun 2025
2723 Impressions
24 Retweets
29 Likes
9 Bookmarks
0 Replies
1 Quote
Security Alert: New vulnerabilities expose millions of Brother printers (689 models) and others (e.g., Fujifilm, Ricoh) to hacking, reported June 25, 2025, by Rapid7. Threat: The critical CVE-2024-51978 flaw lets remote attackers bypass authentication using default passwords, ht
@tony3266
25 Jun 2025
114 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Rapid7 reveals 8 critical vulnerabilities affecting hundreds of Brother, Fujifilm, Ricoh, Konica Minolta, and Toshiba printers, including a flaw (CVE-2024-51978) that enables unauthorized access via default passwords. Millions at risk! 🔒 #PrinterSecuri… https://t.co/yHgej6C
@TweetThreatNews
25 Jun 2025
17 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Our @metasploit auxiliary module for the new Brother auth bypass is available. The module will leak a serial number via HTTP/HTTPS/IPP (CVE-2024-51977), SNMP, or PJL, generate the device's default admin password (CVE-2024-51978) and then validate the creds: https://t.co/3uJG56aMx9
@stephenfewer
25 Jun 2025
3964 Impressions
32 Retweets
76 Likes
20 Bookmarks
1 Reply
0 Quotes
CVE-2024-51978 An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An unauthenticated attacker c… https://t.co/B7QAswPqiR
@CVEnew
25 Jun 2025
462 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes