CVE-2025-55704
Information Disclosure via Hidden Functionality in Brother MFPs
Publication date: 2026-01-29
Last updated on: 2026-01-29
Assigner: JPCERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| brother | inkjet_printers | * |
| brother | laser_printers | * |
| brother | sublimation_transfer_printers | * |
| brother | scanners | * |
| konicaminolta | bizhub_5021i | From 1.02 (inc) to 1.04 (inc) |
| konicaminolta | bizhub_5001i | From 1.03 (inc) to 1.05 (inc) |
| konicaminolta | bizhub_4221i | From 1.02 (inc) to 1.04 (inc) |
| konicaminolta | bizhub_4201i | From 1.02 (inc) to 1.04 (inc) |
| konicaminolta | bizhub_5020i | From U2412241059 (exc) to U2505151336 (inc) |
| konicaminolta | bizhub_5000i | From 1.33 (exc) to 1.34 (inc) |
| konicaminolta | bizhub_4020i | From U2412241059 (exc) to U2505151336 (inc) |
| konicaminolta | bizhub_4000i | From 1.29 (exc) to 1.30 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-912 | The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-55704 is a security vulnerability found in multiple multifunction printers (MFPs) and related devices from Brother Industries, Konica Minolta, and Ricoh. It involves hidden functionality that allows an attacker to access diagnostic or problem analysis logs on the affected devices without authorization. These logs may contain sensitive information, which the attacker can obtain. The vulnerability is related to improper certificate validation and hidden functionality issues, enabling unauthorized access to sensitive device data over the network without requiring user interaction or privileges. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to remotely access sensitive information contained in the diagnostic logs of your affected printer or scanner devices. This unauthorized access could expose confidential data about device usage or other sensitive details stored in the logs. Additionally, the attacker could impersonate the device to access certain online services related to the device, such as product usage status and ink levels. Exploitation requires no user interaction or privileges and can be performed over the network, increasing the risk of data exposure and potential misuse. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not explicitly discuss the impact of CVE-2025-55704 on compliance with common standards and regulations such as GDPR or HIPAA. However, since the vulnerability allows unauthorized access to sensitive information within device logs, it could potentially lead to exposure of confidential data, which may affect compliance with data protection regulations. Mitigation involves updating device firmware and applying recommended security measures to prevent unauthorized access. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves monitoring device logs and network traffic for suspicious activity related to unauthorized access attempts. Since the vulnerability allows attackers to access sensitive logs via network-based attacks without authentication, administrators should check for unusual access patterns to the device's diagnostic or problem analysis logs. Specific commands are not provided in the resources, but general recommendations include regularly reviewing device logs and network traffic, and verifying device firmware versions to identify vulnerable devices. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the firmware of affected devices to the latest fixed versions provided by the vendors (Brother and Konica Minolta). Users should download and apply the firmware update tools from the official vendor websites. Additionally, it is recommended to avoid exposing devices directly to the internet, use firewalls and private IP addressing, change default passwords to strong credentials, disable unused services and ports, configure strong passwords for integrated services (SMTP, LDAP, SMB, WebDAV), use secure encrypted communication protocols (HTTPS, LDAPS, IPPS), enable built-in user authentication features, and regularly monitor device logs and network traffic for suspicious activity. [1, 2, 3]