CVE-2025-8452

By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default administrator password. This flaw is similar to CVE-2024-51977, with the only difference being the protocol by which an attacker can use to learn the remote device's serial number. The eSCL/uscan vector is typically only exposed on the local network. Any discovery service that implements the eSCL specification can be used to exploit this vulnerability, and one such implementation is the runZero Explorer. Changing the default administrator password will render this vulnerability virtually worthless, since the calculated default administrator password would no longer be the correct password.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://help.runzero.com/docs/installing-an-explorer/
https://support.brother.com/g/b/faqend.aspx?c=us&lang=en&prod=group2&faqid=faq00100851_000
https://takeonme.org/gcves/GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed/

Configurations

No configuration.

History

15 Aug 2025, 06:15

Type	Values Removed	Values Added
References		() https://takeonme.org/gcves/GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001 -

13 Aug 2025, 17:34

Type	Values Removed	Values Added
Summary		(es) Mediante el protocolo "uscan" de la especificación eSCL, un atacante puede descubrir el número de serie de las impresoras multifunción que implementan el firmware de Brother. Este número de serie puede, a su vez, aprovecharse de la falla descrita en CVE-2024-51978 para calcular la contraseña de administrador predeterminada. Esta falla es similar a la CVE-2024-51977, con la única diferencia del protocolo que un atacante puede usar para obtener el número de serie del dispositivo remoto. El vector eSCL/uscan suele estar expuesto únicamente en la red local. Cualquier servicio de descubrimiento que implemente la especificación eSCL puede utilizarse para explotar esta vulnerabilidad, y una de ellas es runZero Explorer. Cambiar la contraseña de administrador predeterminada anulará prácticamente esta vulnerabilidad, ya que la contraseña de administrador predeterminada calculada dejaría de ser la correcta.

12 Aug 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-12 16:15

Updated : 2025-08-15 06:15

NVD link : CVE-2025-8452

Mitre link : CVE-2025-8452

CVE.ORG link : CVE-2025-8452

JSON object : View

Products Affected

No product.

CWE

CWE-538

Insertion of Sensitive Information into Externally-Accessible File or Directory

4.3 /10