 |
FAQs & Troubleshooting |
Vulnerability Reference: CVE-2020-11896 etc. Solutions for Multiple Vulnerabilities
These vulnerabilities may affect your machine if it receives improper data. To avoid receiving improper data, use the machine on a network protected by a firewall or a router.
> Click here to check the affected model list.
Workaround
We recommend using the machine on a network protected by a firewall or a router.
Solution
Update the machine's firmware.
> Click here to download the Firmware Update Tool and see more information to update the firmware.
Description
It was discovered that multiple potential vulnerabilities exist in the networking stack used in Brother products. These vulnerabilities, excluding CVE-2019-12264, are collectively referred to as Ripple20. Our investigation shows that the machine operation may stop or a part of the machine's internal memory may be read if the machine is not protected by a firewall or a router and receives intentionally created improper data. However, data such as the address book data and print data cannot be read.
For more information, see the reference sites below (Jump to another website with opening new window.):
| Reference | Base Vector | Base Score | Reference Site |
|---|---|---|---|
| CVE-2019-12264 | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-12264 |
| CVE-2020-11896 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-11896 |
| CVE-2020-11897 | No related part being used. | - | |
| CVE-2020-11898 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-11898 |
| CVE-2020-11899 | No related part being used. | - | |
| CVE-2020-11900 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-11900 |
| CVE-2020-11901 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-11901 |
| CVE-2020-11902 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-11902 |
| CVE-2020-11903 | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-11903 |
| CVE-2020-11904 | No related part being used. | - | |
| CVE-2020-11905 | DHCPv6 not installed. | - | |
| CVE-2020-11906 | CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | 5.0 | https://nvd.nist.gov/vuln/detail/CVE-2020-11906 |
| CVE-2020-11907 | CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | 5.0 | https://nvd.nist.gov/vuln/detail/CVE-2020-11907 |
| CVE-2020-11908 | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-11908 |
| CVE-2020-11909 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11909 |
| CVE-2020-11910 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11910 |
| CVE-2020-11911 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11911 |
| CVE-2020-11912 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11912 |
| CVE-2020-11913 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11913 |
| CVE-2020-11914 | CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-11914 |
