Vulnerability Reference: CVE-2020-11896 etc. Solutions for Multiple Vulnerabilities

These vulnerabilities may affect your machine if it receives improper data. To avoid receiving improper data, use the machine on a network protected by a firewall or a router.

 

Check the affected model list.

 

Workaround
We recommend using the machine on a network protected by a firewall or a router.

 

Solution
Update the machine’s firmware. Download Brother’s Firmware Update Tool from the Downloads section for your machine.

 

Description
It was discovered that multiple potential vulnerabilities exist in the networking stack used in Brother products. These vulnerabilities, excluding CVE-2019-12264, are collectively referred to as Ripple20. Our investigation shows that the machine operation may stop or a part of the machine’s internal memory may be read if the machine is not protected by a firewall or a router and receives intentionally created improper data. However, data such as the address book data and print data cannot be read.

 

For more information, see the reference sites below:

Reference Base Vector Base Score Reference Site
CVE-2019-12264

CVSS:3.0/AV:A/AC:L/PR:N/

UI:N/S:U/C:N/I:N/A:H

6.5 https://nvd.nist.gov/vuln/detail/CVE-2019-12264
CVE-2020-11896

CVSS:3.0/AV:N/AC:L/

PR:N/UI:N/S:U/C:N/I:L/A:H

8.2 https://nvd.nist.gov/vuln/detail/CVE-2020-11896
CVE-2020-11897 No related part being used. -  
CVE-2020-11898

CVSS:3.0/AV:N/AC:L/

PR:N/UI:N/S:U/C:L/I:N/A:N

5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-11898
CVE-2020-11899 No related part being used. -  
CVE-2020-11900

CVSS:3.0/AV:N/AC:L/

PR:N/UI:N/S:U/C:N/I:L/A:H

8.2 https://nvd.nist.gov/vuln/detail/CVE-2020-11900
CVE-2020-11901

CVSS:3.0/AV:N/AC:H/

PR:N/UI:N/S:C/C:N/I:L/A:H

6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-11901
CVE-2020-11902

CVSS:3.0/AV:N/AC:L/

PR:N/UI:N/S:U/C:L/I:N/A:N

5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-11902
CVE-2020-11903

CVSS:3.0/AV:A/AC:L/

PR:N/UI:N/S:U/C:H/I:N/A:N

3.5 https://nvd.nist.gov/vuln/detail/CVE-2020-11903
CVE-2020-11904 No related part being used. -  
CVE-2020-11905 DHCPv6 not installed. -  
CVE-2020-11906

CVSS:3.0/AV:A/AC:H/

PR:N/UI:N/S:U/C:L/I:L/A:L

5.0 https://nvd.nist.gov/vuln/detail/CVE-2020-11906
CVE-2020-11907

CVSS:3.0/AV:A/AC:H/

PR:N/UI:N/S:U/C:L/I:L/A:L

5.0 https://nvd.nist.gov/vuln/detail/CVE-2020-11907
CVE-2020-11908

CVSS:3.0/AV:A/AC:L/

PR:N/UI:N/S:U/C:L/I:N/A:N

4.3 https://nvd.nist.gov/vuln/detail/CVE-2020-11908
CVE-2020-11909

CVSS:3.0/AV:N/AC:H/

PR:N/UI:N/S:U/C:L/I:N/A:N

3.7 https://nvd.nist.gov/vuln/detail/CVE-2020-11909
CVE-2020-11910

CVSS:3.0/AV:N/AC:H/

PR:N/UI:N/S:U/C:L/I:N/A:N

3.7 https://nvd.nist.gov/vuln/detail/CVE-2020-11910
CVE-2020-11911

CVSS:3.0/AV:N/AC:H/

PR:N/UI:N/S:U/C:N/I:N/A:L

3.7 https://nvd.nist.gov/vuln/detail/CVE-2020-11911
CVE-2020-11912

CVSS:3.0/AV:N/AC:H/

PR:N/UI:N/S:U/C:L/I:N/A:N

3.7 https://nvd.nist.gov/vuln/detail/CVE-2020-11912
CVE-2020-11913

CVSS:3.0/AV:N/AC:L/

PR:N/UI:N/S:U/C:N/I:N/A:L

3.7 https://nvd.nist.gov/vuln/detail/CVE-2020-11913
CVE-2020-11914

CVSS:3.0/AV:A/AC:H/

PR:N/UI:N/S:U/C:L/I:N/A:N

3.1 https://nvd.nist.gov/vuln/detail/CVE-2020-11914

If your question was not answered, have you checked other FAQs?

If you need further assistance, please contact Brother customer service:

Content Feedback

To help us improve our support, please provide your feedback below.

Step 1: How does the information on this page help you?

Step 2: Are there any comments you would like to add?

Please note this form is used for feedback only.