CVE-2025-53869
Unknown
Unknown - Not Provided
Improper Certificate Validation in Brother MFPs Enables MITM Attacks
Publication date: 2026-01-29
Last updated on: 2026-01-29
Assigner: JPCERT/CC
Description
Description
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| brother_industries | multiple_mfps | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves multiple Brother Industries MFPs that do not properly validate server certificates. This flaw may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with arbitrary certificates.
How can this vulnerability impact me? :
The vulnerability could allow an attacker to perform man-in-the-middle attacks by substituting trusted root certificates with arbitrary ones, potentially leading to unauthorized interception or manipulation of communications with the affected MFPs.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70