
Research from Rapid7 reveals eight new vulnerabilities in multifunction printers (MFPs).
In total, 748 models from five vendors are affected by these vulnerabilities. This includes 689 models among Brother’s printers, scanners and label-making devices; 46 FUJIFILM Business Innovation printer models; 5 from Ricoh; 6 from Konica Minolta, Inc.; and 2 from Toshiba Tec Corporation.
The most serious of the discovered vulnerabilities is an authentication bypass flaw (CVE-2024-51978). Through this flaw, a malicious actor can leak the serial number of the targeted device and generate a default administrator password. Brother has stated that this vulnerability cannot be fully remediated in firmware and requires a change to the manufacturing process for affected models.
Security Leaders Weigh In
David Matalon, CEO at Venn:
The security of remote work environments goes far beyond laptops — especially since peripherals are almost always Wi-Fi enabled. Printers in home offices — often overlooked — can become serious points of exposure.
The vulnerabilities uncovered by Rapid7 highlight a wider issue. When employees work outside the corporate perimeter, the threat surface expands. Organizations need to focus on shrinking that threat surface and consider strategies for ensuring their company data is protected independently of the device it is on, or the user’s home network that may be used to access it. That includes considering all paths to data, including unmanaged printers, smart devices, and anything else connected to a home network that is outside of IT’s control.
John Bambenek, President at Bambenek Consulting:
Printers are often a “plug it in and forget it” type of IT device and are easy to overlook for updates and security patches. However, they have operating systems and can be used for easy lateral movement and persistence by attackers who want to remain in a target environment quietly. It’s a reminder that these devices should never be openly accessible through the internet, because troublemakers have been known to target printers in the past.
John Gallagher, Vice President at Viakoo:
While this seems like a normal issue for IT teams (firmware patching to remediate a critical vulnerability), the real issue is the vast number of printers used and managed outside of IT. Like many IoT devices, the patching and maintenance of printers may not be a priority for the line of business operating them. Yet if these devices remain unpatched, there is significant risk to the organization overall.
Printers are heavily used in certain verticals (like healthcare) that threat actors target. In healthcare the printer may be used for creating patient ID wristbands, instructions to doctors or surgeons, scanning health records, and so on. Since many printers today store documents in their print buffer or on storage within the device, there is a risk of patient personal information being stolen.
Because printers are both networked and ubiquitous, there should be urgency around patching to prevent lateral movement.
Having a strong IoT security focus is required to prevent critical damage from these vulnerabilities, starting with having an up-to-date asset inventory and automated methods to quickly patch fleets of IoT devices. Using traditional IT methods of discovery and patching simply does not work for IoT/OT/ICS systems.
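As an added illustration of the inventory-driven triage Gallagher recommends (this is not code from Rapid7 or from any of the quoted companies), the Python below scores a constructed fleet inventory and returns the printers to deal with first. The column names, hostnames, dates and the reference date are assumptions; the vendor list is only the five vendors the article names. Devices still on their default administrator password rank highest, because the article's headline flaw (CVE-2024-51978) lets an attacker generate exactly that password; internet exposure, stale firmware and management outside IT add to the score.

```python
"""Prioritise printers in an asset inventory for patching and credential rotation.

Added illustration only: the inventory, column names and dates below are
constructed sample data, not real devices.
"""
import csv
import io
from dataclasses import dataclass, field
from datetime import date

# The five vendors named in the Rapid7 research (lower-cased for matching).
AFFECTED_VENDORS = {
    "brother",
    "fujifilm business innovation",
    "ricoh",
    "konica minolta",
    "toshiba tec",
}

# Constructed reference date for the firmware-age check (assumption).
AS_OF = date(2025, 6, 26)

# Constructed sample inventory; the column names are an assumption about
# what an asset-management export might contain.
SAMPLE_INVENTORY = """\
hostname,vendor,device_type,internet_exposed,admin_password_changed,last_patched,managed_by
mfp-lobby,Brother,printer,yes,no,2023-11-02,facilities
mfp-ward3,Ricoh,printer,no,yes,2025-05-14,IT
lbl-pharmacy,Brother,label printer,no,no,2024-01-20,pharmacy
mfp-finance,Konica Minolta,printer,yes,yes,2025-06-01,IT
laptop-jdoe,Dell,laptop,no,yes,2025-06-20,IT
"""


@dataclass
class Finding:
    hostname: str
    score: int
    reasons: list = field(default_factory=list)


def is_affected_vendor(vendor: str) -> bool:
    """True when the vendor string matches one of the named vendors."""
    v = vendor.strip().lower()
    return any(v == a or v.startswith(a) for a in AFFECTED_VENDORS)


def triage(inventory_csv: str, today: date, stale_days: int = 180) -> list:
    """Return Findings for in-scope devices, highest priority first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if not is_affected_vendor(row["vendor"]):
            continue  # laptops and other vendors are out of scope here
        score, reasons = 0, []
        # Highest weight: the default admin password is what CVE-2024-51978
        # lets an attacker derive, so rotating it is the first action.
        if row["admin_password_changed"].strip().lower() != "yes":
            score += 5
            reasons.append("admin password still default")
        # Bambenek's point: printers should never be reachable from the internet.
        if row["internet_exposed"].strip().lower() == "yes":
            score += 4
            reasons.append("reachable from the internet")
        age = (today - date.fromisoformat(row["last_patched"])).days
        if age > stale_days:
            score += 2
            reasons.append(f"firmware last patched {age} days ago")
        # Gallagher's point: devices run by a line of business tend to lag on patching.
        if row["managed_by"].strip().upper() != "IT":
            score += 1
            reasons.append(f"managed outside IT ({row['managed_by']})")
        if reasons:
            findings.append(Finding(row["hostname"], score, reasons))
    # Sort by descending score, then hostname for a stable report.
    findings.sort(key=lambda f: (-f.score, f.hostname))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY, AS_OF):
        print(f"{f.hostname:14} score={f.score:2}  " + "; ".join(f.reasons))
```

Running the script lists three of the four printers: the internet-facing lobby MFP on a default password and old firmware comes first, the pharmacy label printer second, and the finance MFP (patched and rotated, but still internet-exposed) last; the Ricoh device triggers no rule and is omitted. The weights are arbitrary and meant to be tuned to local policy; what matters is that the inventory carries the fields the rules need, which is the gap Gallagher describes.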