Back in June, security researchers from Rapid7 discovered several security vulnerabilities in over 700 different printer models that pose a risk to users. Printers from well-known brands—mostly Brother but also Fujifilm, Ricoh, Toshiba, and Konica Minolta—were named as affected.
Now things are getting serious as hackers are exploiting these security vulnerabilities to carry out real-world attacks. Among other things, they can find out the default password of a printer by reading out the serial number and thus gain admin access. This makes it possible to, for example, integrate printers into botnets, which are then exploited and used for further attacks.
The attacks appear to be both random and widespread. Any printer that’s affected by security vulnerabilities CVE-2024-51977 and CVE-2024-51978 is a perfect target for hackers.
Be sure to update your printers!
As it stands right now, this is a serious wave of attacks that’s only going to gather pace as more printers are taken over and exploited for further attacks. You may not even realize it’s happening to your printer.
If you want to protect yourself, the most important thing you can do is update your printer’s firmware to the latest version ASAP. The relevant manufacturers have already provided patches to resolve these vulnerabilities. You can find a list of all affected models here.
You should also change the admin password of your printer so that it can no longer be deduced from its serial number.