Your home printer may be at risk if you’ve never changed its admin password. A newly discovered security flaw affecting at least 748 printer models allows hackers to generate the device’s admin password, and the issue can’t be fully fixed through a firmware update.
Spotted by security company Rapid7 and reported by Bleeping Computer, some of the security flaws have been fixed through firmware updates, but one needs to be manually fixed by anyone who owns one of these printers.
You can see the impacted models in each manufacturer’s documentation here:
If you own a printer impacted by this security flaw, the advice is to change your admin password as soon as possible. If you’re not using the default admin password, attackers won’t be able to use this flaw to gain access to your personal information.
Rapid7 found eight new vulnerabilities, seven of which can be fixed via firmware updates. The last one allows attackers to generate your serial number, which can then be used to work out your admin password. It’s being referred to as CVE-2024-51978.
Recommended by Our Editors
This vulnerability could allow attackers to get access to your private information, crash your devices, and even expose passwords on your connected network services. If you think you may be impacted, be sure to change your admin password on your printer as soon as possible. Even if you’re unsure if your model is involved, it’s still worthwhile to change your password.
Is your iPhone secure? How to double-check your privacy settings
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
About James Peckham
Reporter
