Updated with response: Brother printers & devices vulnerable to DoS attack

Trustwave researchers revealed a vulnerability in Brother consumer and business printers and multi-function devices that can allow a denial of service attack. Brother UK responds.
Updated with response: Brother printers & devices vulnerable to DoS attack
Updated with response: Brother printers & devices vulnerable to DoS attack

Trustwave researchers revealed a vulnerability in Brother consumer and business printers and multi-function devices that can allow a denial of service attack.

The vulnerability, CVE-2017-16249, is in Brother's Debut embedded HTTP server which will allow a single malformed HTTP request to cause the server to hang making it unusable. Eventually the printer will issue an HTTP 500 error.

“The following Proof of Concept (PoC) connects to the device, sends the malformed HTTP request, waits for the server to reply (with the 500 error), and sends another malformed HTTP request.  This process is repeated indefinitely until stopped,” the Trustwave advisory said.

The flaw was made public in an advisory by Trustwave in early November after the security firm did not receive a response from Brother despite making several attempts to contact the vendor starting in September. No patch exists, but Trustwave suggests access to these devices should be limited only to authorised users by using an access control list and network segmentation.

Brother UK has subsequently contacted SC Media UK and a spokesperson said in an email: "We acknowledge the issue raised by Trustwave SpiderLabs and we are currently investigating. We are committed to providing a solution and update in due course.

"We take the security of our devices extremely seriously. If a printer is connected to a private, secured network, as in most home or office environments, rather than one that is publicly accessible on the internet (open network), it is protected by a firewall, as any other device would be.

"We recommend that the printer password feature is always activated. For those with advanced requirements, Brother offers industry standard protocols such as IPsec, SSL, TLS, SNMPv3 and more, which can be enabled to further secure the printing environment.

"We also advise businesses and organisations to follow the ISO 27001 guidelines, related to Information Security Management System (ISMS) and Network Access protection safeguards to protect against break-in.

"We encourage any customers with questions about their Brother printer security and set up to contact our customer services team for assistance and guidance. They can be reached on 0333 777 4444."

Topics: