 |
FAQs & Troubleshooting |
Vulnerability Reference: CVE-2020-11896 etc. Solutions for Multiple Vulnerabilities
These vulnerabilities may affect your machine if it receives improper data. To avoid receiving improper data, use the machine on a network protected by a firewall or a router.
Check the affected model list.
Workaround
We recommend using the machine on a network protected by a firewall or a router.
Solution
Update the machine’s firmware. Download Brother’s Firmware Update Tool from the Downloads section for your machine.
Description
It was discovered that multiple potential vulnerabilities exist in the networking stack used in Brother products. These vulnerabilities, excluding CVE-2019-12264, are collectively referred to as Ripple20. Our investigation shows that the machine operation may stop or a part of the machine’s internal memory may be read if the machine is not protected by a firewall or a router and receives intentionally created improper data. However, data such as the address book data and print data cannot be read.
For more information, see the reference sites below:
| Reference | Base Vector | Base Score | Reference Site |
|---|---|---|---|
| CVE-2019-12264 |
CVSS:3.0/AV:A/AC:L/PR:N/ UI:N/S:U/C:N/I:N/A:H |
6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-12264 |
| CVE-2020-11896 |
CVSS:3.0/AV:N/AC:L/ PR:N/UI:N/S:U/C:N/I:L/A:H |
8.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-11896 |
| CVE-2020-11897 | No related part being used. | - | |
| CVE-2020-11898 |
CVSS:3.0/AV:N/AC:L/ PR:N/UI:N/S:U/C:L/I:N/A:N |
5.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-11898 |
| CVE-2020-11899 | No related part being used. | - | |
| CVE-2020-11900 |
CVSS:3.0/AV:N/AC:L/ PR:N/UI:N/S:U/C:N/I:L/A:H |
8.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-11900 |
| CVE-2020-11901 |
CVSS:3.0/AV:N/AC:H/ PR:N/UI:N/S:C/C:N/I:L/A:H |
6.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-11901 |
| CVE-2020-11902 |
CVSS:3.0/AV:N/AC:L/ PR:N/UI:N/S:U/C:L/I:N/A:N |
5.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-11902 |
| CVE-2020-11903 |
CVSS:3.0/AV:A/AC:L/ PR:N/UI:N/S:U/C:H/I:N/A:N |
3.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-11903 |
| CVE-2020-11904 | No related part being used. | - | |
| CVE-2020-11905 | DHCPv6 not installed. | - | |
| CVE-2020-11906 |
CVSS:3.0/AV:A/AC:H/ PR:N/UI:N/S:U/C:L/I:L/A:L |
5.0 | https://nvd.nist.gov/vuln/detail/CVE-2020-11906 |
| CVE-2020-11907 |
CVSS:3.0/AV:A/AC:H/ PR:N/UI:N/S:U/C:L/I:L/A:L |
5.0 | https://nvd.nist.gov/vuln/detail/CVE-2020-11907 |
| CVE-2020-11908 |
CVSS:3.0/AV:A/AC:L/ PR:N/UI:N/S:U/C:L/I:N/A:N |
4.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-11908 |
| CVE-2020-11909 |
CVSS:3.0/AV:N/AC:H/ PR:N/UI:N/S:U/C:L/I:N/A:N |
3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11909 |
| CVE-2020-11910 |
CVSS:3.0/AV:N/AC:H/ PR:N/UI:N/S:U/C:L/I:N/A:N |
3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11910 |
| CVE-2020-11911 |
CVSS:3.0/AV:N/AC:H/ PR:N/UI:N/S:U/C:N/I:N/A:L |
3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11911 |
| CVE-2020-11912 |
CVSS:3.0/AV:N/AC:H/ PR:N/UI:N/S:U/C:L/I:N/A:N |
3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11912 |
| CVE-2020-11913 |
CVSS:3.0/AV:N/AC:L/ PR:N/UI:N/S:U/C:N/I:N/A:L |
3.7 | https://nvd.nist.gov/vuln/detail/CVE-2020-11913 |
| CVE-2020-11914 |
CVSS:3.0/AV:A/AC:H/ PR:N/UI:N/S:U/C:L/I:N/A:N |
3.1 | https://nvd.nist.gov/vuln/detail/CVE-2020-11914 |