CVE-2025-53869 | THREATINT

Description

Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.

PUBLISHED Reserved 2025-11-18 | Published 2026-01-29 | Updated 2026-01-29 | Assigner jpcert

LOW: 3.7CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

MEDIUM: 6.3CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

Improper certificate validation

Product status

see the information provided by the vendor

affected

see the information provided by the vendor

affected

see the information provided by the vendor

affected

References

faq.brother.co.jp/app/answers/detail/a_id/13716

www.konicaminolta.com/...urity/advisory/pdf/km-2026-0001.pdf

www.ricoh.com/...ty/vulnerabilities/vul?id=ricoh-2026-000001

jvn.jp/en/vu/JVNVU92878805/

cve.org (CVE-2025-53869)

nvd.nist.gov (CVE-2025-53869)

Download JSON