• Heap Overflow in IPP Attribute Name
  Vulnerability Reference : CVE-2019-13192
  Release Date : July, 31st, 2019
  Impact : 9.8 CVSSv3
  Summary : Heap buffer overflow vulnerability would allow arbitrary codes to run on Brother products.
  Reference : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13192 (Jump to another website with opening new window.)
   

• Stack Buffer Overflow in Cookie Values
  Vulnerability Reference : CVE-2019-13193
  Release Date : July, 31st, 2019
  Impact : 8.8 CVSSv3
  Summary : Stack buffer overflow vulnerability would allow arbitrary codes on Brother products, causing data corruption.
  Reference : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13193 (Jump to another website with opening new window.)
   

• Information Disclosure Vulnerability
  Vulnerability Reference : CVE-2019-13194
  Release Date : July, 31st, 2019
  Impact : 7.5 CVSSv3
  Summary : Information disclosure vulnerability would allow unauthorized users to sniff Web Based Management URLs used for managing product settings.
  Reference : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13194(Jump to another website with opening new window.)

 

Solution

 

Please check the affected model list. If you are currently using any of these products, please update the machine firmware and/or follow the Workaround below.

 

Workaround

 

Please use the product on a network protected by a firewall or a router.

 

Firmware Update Schedule

 

Please see the affected model list.

 

Firmware Update Tool

 

Please download Brother's Firmware Update Tool.