CVE-2019-13194

high-risk

Published 2020-03-13

Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information disclosure vulnerabilities that provided sensitive information to an unauthenticated user who visits a specific URL.

Do I need to act?

0.55% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (20)

Ads-2400N Firmware

Ads-2800W Firmware

Ads-3000N Firmware

Ads-3600W Firmware

Dcp-1610W Firmware

Dcp-1610We Firmware

Dcp-1610Wr Firmware

Dcp-1610Wvb Firmware

Dcp-1612W Firmware

Dcp-1612We Firmware

Dcp-1612Wr Firmware

Dcp-1612Wvb Firmware

Dcp-1615Nw Firmware

Dcp-1616Nw Firmware

Dcp-1617Nw Firmware

Dcp-1618W Firmware

Dcp-1622We Firmware

Dcp-1623We Firmware

Dcp-1623Wr Firmware

Dcp-7180Dn Firmware

Affected Vendors

Brother

References (6)

Vendor Advisory https://global.brother

Vendor Advisory https://support.brother.com/g/b/faqend.aspx?c=us&lang=en&prod=group2&faqid=faq00...

Exploit https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabi...

Vendor Advisory https://global.brother

Vendor Advisory https://support.brother.com/g/b/faqend.aspx?c=us&lang=en&prod=group2&faqid=faq00...

Exploit https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabi...

/ 100

high-risk

Severity 26/34 · High

Exploitability 2/34 · Minimal

Exposure 33/34 · Critical