CVE-2025-53869
3.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Brother Industries, Ltd. | Multiple MFPs | see the information provided by the vendor | affected |
| Konica Minolta, Inc. | Multiple MFPs | see the information provided by the vendor | affected |
| Ricoh Company, Ltd. | Multiple MFPs | see the information provided by the vendor | affected |
Weaknesses
- CWE-295: Improper certificate validation
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://faq.brother.co.jp/app/answers/detail/a_id/13716
- https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf
- https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2026-000001
- https://jvn.jp/en/vu/JVNVU92878805/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.