CVE-2025-8452
BaseFortify
Publication date: 2025-08-12
Last updated on: 2025-10-08
Assigner: Austin Hackers Anonymous
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| brother | multifunction_printer | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-538 | The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows an attacker on the local network to retrieve the serial number of Brother multi-function printers using the eSCL/uscan protocol. With the serial number, the attacker can exploit a related vulnerability (CVE-2024-51978) to calculate the default administrator password, potentially gaining unauthorized access to the device. Changing the default administrator password mitigates this risk. [1]
How can this vulnerability impact me?
If exploited, this vulnerability can allow an attacker to gain unauthorized administrative access to Brother multi-function printers on the local network by calculating the default administrator password. This could lead to unauthorized control over the device, potentially impacting device security and network integrity. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by discovering the serial number of Brother multi-function printers on the local network using the eSCL protocol or SNMP. Tools that implement the eSCL specification, such as runZero Explorer, can be used to identify vulnerable devices. Specific commands are not provided, but using network discovery tools that support eSCL or SNMP queries to retrieve device serial numbers would be effective. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to change the default administrator password on the affected Brother devices via the Web Based Management interface. Changing the default password renders the vulnerability ineffective since the calculated default password will no longer be valid. [1]