Hundreds of printer models across the globe have been found to use administrator passwords that are easily guessable, according to a report by Bleeping Computer.
The vulnerability was uncovered by specialists at Rapid7. They explained that printers are shipped from the factory with a default administrator password generated by a specific algorithm. It was discovered that for 689 Brother printer models, as well as 53 models from Fujifilm, Toshiba, and Konica Minolta, this algorithm is predictable, allowing the password to be easily guessed.
According to the researchers, the vulnerability, tracked as CVE-2024-51978, allows an attacker to guess the default administrator password if it has not been changed by the user. If exploited, this could grant malicious actors access to the printer's system and potentially allow them to infiltrate the network to which the device is connected.
Rapid7 stated that they have informed the affected office equipment manufacturers about the issue. While companies like Brother have released patches, these updates are primarily beneficial for newly manufactured devices. Rapid7 strongly urged consumers to change the default password on their existing printers immediately as a preventive measure.
