CVE-2025-8452

MEDIUM EPSS 13.3%
Published Aug 12, 202510mo ago · Modified Jun 17, 20262w ago
4.3 CVSS 3.1
Medium
Find Similar
Published Aug 12, 2025 10mo ago
Last Modified Jun 17, 2026 2w ago

Description

By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default administrator password. This flaw is similar to CVE-2024-51977, with the only difference being the protocol by which an attacker can use to learn the remote device's serial number. The eSCL/uscan vector is typically only exposed on the local network. Any discovery service that implements the eSCL specification can be used to exploit this vulnerability, and one such implementation is the runZero Explorer. Changing the default administrator password will render this vulnerability virtually worthless, since the calculated default administrator password would no longer be the correct password.

CVSS Details

Base Score
4.3
Exploitability
2.8
Impact
1.4
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
13.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-538

References 5

  • help.runzero.com https://help.runzero.com/docs/installing-an-explorer/
  • support.brother.com https://support.brother.com/g/b/faqend.aspx?c=us&lang=en&prod=group2&faqid=faq00100851_000
  • takeonme.org https://takeonme.org/gcves/GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
  • cve.org https://www.cve.org/CVERecord?id=CVE-2024-51977
  • rapid7.com https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed/

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.