Researchers at Rapid7 have uncovered eight major vulnerabilities affecting printers from widely used brands such as Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta. A total of 748 models are affected. These critical flaws, which could allow attackers to take complete control of the devices, are causing concern across the IT sector. And with good reason: these printers are ubiquitous in Quebec’s small and medium-sized businesses.
A flaw that cannot be fixed with firmware
Among these vulnerabilities, the most critical (CVE-2024-51978) allows the default administrator password to be guessed or generated from the printer’s serial number. This flaw becomes extremely dangerous when combined with another vulnerability (CVE-2024-51977) that exposes the serial number publicly via HTTP, HTTPS, or IPP protocols. In short, an attacker can obtain the password without ever physically accessing the device.
The consequences are numerous: takeover of the web interface, configuration changes, code injection, or exploitation of port 9100 to send malicious PJL commands. According to Rapid7, some of these vulnerabilities cannot be fixed with a simple software update. CVE-2024-51978, in particular, requires a change in the manufacturing process. In other words, current models will remain vulnerable (source: Rapid7).
Recommendations from the Centre for Cyber Security
The Centre for Cyber Security recommends that IT administrators check whether their devices are affected and apply any available updates without delay. The manufacturers concerned have already published security bulletins in June 2025. Brother, for example, has rolled out several patches to mitigate certain risks. The company states that only a redesign of the production architecture will eliminate the default password flaw (source: Government of Canada).
Why SMEs are particularly vulnerable
For SMEs, the risks are far from theoretical. Printers are often directly connected to the local network, sometimes without segmentation or enhanced authentication. An intrusion into these devices can allow a cybercriminal to pivot to other internal systems, extract data, or trigger ransomware.
Best practices to implement
It is therefore crucial to act quickly. Experts recommend the following measures: immediately change the default administrator password, apply all available patches, disable unnecessary services (such as TFTP, WSD, SNMPv1) and isolate printers in a separate VLAN. Regular audits of these devices, which are often excluded from traditional cybersecurity processes, are essential.
Some companies will also need to consider replacing their most exposed devices. While this may seem costly, the cost of a breach is much higher. Centralized management tools are available to integrate printers into IT security strategies, including strong authentication, log monitoring, port restriction, and group policy configuration.
Upcoming regulations?
The case also raises the question of future regulations. If printers become a systemic gateway for cyberattacks, will stricter manufacturing standards need to be imposed? Discussions are already underway in some European countries. Quebec could in turn adopt a proactive approach, particularly in the context of personal data obligations.
If you recognize some of these issues in your organization, the specialists at Mon Technicien can help you see things more clearly. Our team already supports several Quebec SMEs in strengthening the IT security of their printing systems and peripherals.
in your taskbar.