CVE-2024-51978

Published Unknown

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-51978. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1

0.0

/10

Not Available

Base Score Metrics

Exploitability: N/A Impact: N/A

Attack Vector Metrics

Attack Vector

Not Available

Attack Complexity

Not Available

Privileges Required

Not Available

User Interaction

Not Available

Scope

Not Available

Impact Metrics

Confidentiality

Not Available

Integrity

Not Available

Availability

Not Available

Description

An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP request.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

Affected Products (ENISA)

toshiba tec

td-4520dn

ENISA Scoring

CVSS Score (3.1)

9.8

/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

2.680

probability

ENISA References

https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100846_000

https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100848_000

https://support.brother.com/g/b/link.aspx?prod=lmgroup1&faqid=faqp00100620_000

https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed

https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf

https://github.com/sfewer-r7/BrotherVulnerabilities

https://www.toshibatec.com/information/20250625_02.html

https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0001.pdf

https://github.com/rapid7/metasploit-framework/pull/20349

Data provided by ENISA EU Vulnerability Database. Last updated: June 27, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-2mr3-j246-x7x3

Advisory Details

CVSS Scoring

CVSS Score

9.0

CVSS Vector


                                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-51978

WEB https://github.com/rapid7/metasploit-framework/pull/20349

WEB https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf

WEB https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-51978.yaml

WEB https://github.com/sfewer-r7/BrotherVulnerabilities

WEB https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100846_000

WEB https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100848_000

WEB https://support.brother.com/g/b/link.aspx?prod=lmgroup1&faqid=faqp00100620_000

WEB https://www.bleepingcomputer.com/news/security/brother-printer-bug-in-689-models-exposes-default-admin-passwords

WEB https://www.darkreading.com/endpoint-security/millions-brother-printers-critical-unpatchable-bug

WEB https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0001.pdf

WEB https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed

WEB https://www.securityweek.com/new-vulnerabilities-expose-millions-of-brother-printers-to-hacking

WEB https://www.toshibatec.com/information/20250625_02.html

Advisory provided by GitHub Security Advisory Database. Published: June 26, 2025, Modified: July 25, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

1 post

Reddit • 2 weeks, 4 days ago

MauriceTorres

Exploit PoC

𝐓𝐨𝐝𝐚𝐲'𝐬 𝐏𝐚𝐭𝐜𝐡 𝐓𝐮𝐞𝐬𝐝𝐚𝐲 𝐨𝐯𝐞𝐫𝐯𝐢𝐞𝐰 • Microsoft has addressed 𝟏𝟑𝟕 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬, 𝐧𝐨 𝐳𝐞𝐫𝐨-𝐝𝐚𝐲𝐬, 𝟏𝟒 𝐜𝐫𝐢𝐭𝐢𝐜𝐚𝐥 and 𝐨𝐧𝐞 𝐰𝐢𝐭𝐡 𝐏𝐨𝐂 • Third-party: web browsers, Linux Sudo, Citrix NetScaler, Cisco, WordPress, WinRAR, Brother printers, GitHub, Teleport, Veeam, Grafana, Palo Alto Networks, and Trend Micro. Navigate to 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐃𝐢𝐠𝐞𝐬𝐭 𝐟𝐫𝐨𝐦 𝐀𝐜𝐭𝐢𝐨𝐧𝟏 for comprehensive summary …

Also mentions: CVE-2025-20309 CVE-2025-6554 CVE-2025-6463 CVE-2025-32463 CVE-2025-32462 CVE-2024-51977 CVE-2025-20282 CVE-2025-20281 CVE-2025-49212 CVE-2025-23121 CVE-2025-49825 CVE-2025-49220 CVE-2025-5777 CVE-2025-4232 CVE-2025-4231 CVE-2025-4230 CVE-2025-33053 CVE-2025-4123 CVE-2025-3509

11.0

View Original High Risk

Published: Unknown

Last Modified: Unknown

Copied to clipboard!

CVE-2024-51978

Expert Analysis

CVSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

EU Vulnerability Database

EU Coordination

Exploitation Status

EUVD ID

ENISA Analysis

Affected Products (ENISA)

ENISA Scoring

CVSS Score (3.1)

EPSS Score

ENISA References

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

Social Media Intelligence

Request Analysis

What to expect

Request Received!