Hundreds of Printer Models Using Weak Password Algorithms Exposed, Cannot Be Fixed Through Firmware

While many users may not think much about it, printer security is actually an important factor in assessing overall cybersecurity. And following the discovery last month of software bundled with Procolored printers distributing malware, researchers have now discovered that hundreds of printer models worldwide are vulnerable to attacks targeting administrative credentials.

8 Critical Vulnerabilities Discovered

According to a report from Bleeping Computer, CVE-2024-51978 is one of eight newly discovered printer security vulnerabilities. These vulnerabilities allow an attacker (with or without authentication):

1. Discover the default admin password
2. Remote Code Execution (RCE)
3. Cause printer system to hang/crash
4. Other sensitive information leaks

Severity is rated from 5.3 (moderate) to 9.8 (severe) on the CVSS scale.

Brother's Weak Password Generation Algorithm

The most dangerous vulnerability involves the exposure of the default administrator password, primarily affecting Brother printers. The cause comes from the password generation algorithm, which has many weaknesses and relies too much on:

1. Device serial number
2. Static salt table

Code analysis revealed:

1. The first 16 characters of the serial number are concatenated with 8 bytes from the fixed salt table.
2. The result is hashed using the SHA256 algorithm
3. Then Base64 encode
4. Finally take the first 8 characters and replace some of the numbers with special characters to form the complete password.

The static nature of this algorithm allows an attacker to combine multiple existing vulnerabilities to access the device serial number, thereby deducing the default administrative password.

Wide range of influence

While not all printer models are affected by all eight vulnerabilities, the default administrator password vulnerability alone affects 695 models from the following manufacturers:

1. Brother: 689 models
2. Fujifilm: 46 models
3. Konica Minolta: 6 models
4. Ricoh: 5 models
5. Toshiba: 2 models

Limitations in the ability to fix

Brother has officially informed security researchers that they cannot completely fix the password algorithm vulnerability through a firmware update. The only solution currently is to fix it in the manufacturing process of new printer models.

Important recommendation: Users of affected models should change the default administrative password as soon as possible - this is a good security practice to follow even if there is no vulnerability.

Note: The full list of specific affected models is not yet publicly available. Users should monitor official announcements from the manufacturers.

Marvin Fry

Update 28 June 2025