• Heap Overflow in IPP Attribute Name
  Vulnerability Reference : CVE-2019-13192
  Release Date : July, 31st, 2019
  Impact : 9.8 CVSSv3
  Summary : Heap buffer overflow vulnerability would allow arbitrary codes to run on Brother products.
  Reference : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13192 (Jump to another website with opening new window.)
   

• Stack Buffer Overflow in Cookie Values
  Vulnerability Reference : CVE-2019-13193
  Release Date : July, 31st, 2019
  Impact : 8.8 CVSSv3
  Summary : Stack buffer overflow vulnerability would allow arbitrary codes on Brother products, causing data corruption.
  Reference : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13193 (Jump to another website with opening new window.)
   

• Information Disclosure Vulnerability
  Vulnerability Reference : CVE-2019-13194
  Release Date : July, 31st, 2019
  Impact : 7.5 CVSSv3
  Summary : Information disclosure vulnerability would allow unauthorized users to sniff Web Based Management URLs used for managing product settings.
  Reference : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13194(Jump to another website with opening new window.)

Solution

Please check the affected model list. If you are currently using any of these products, please update the machine firmware and/or follow the Workaround below.

Workaround

Please use the product on a network protected by a firewall or a router.

Firmware Update Schedule

Please see the affected model list.

Firmware Update Tool

Please download Brother's Firmware Update Tool.