CVE-2025-53869

Summary

Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.

Affected Software

VendorProductVersion RangeStatus
Brother Industries, Ltd.Multiple MFPssee the information provided by the vendoraffected
Konica Minolta, Inc.Multiple MFPssee the information provided by the vendoraffected
Ricoh Company, Ltd.Multiple MFPssee the information provided by the vendoraffected

Weaknesses

  • CWE-295: Improper certificate validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References