CVE-2025-53869

LOW

Brother MFP - SSL/TLS Info Disclosure

Title source: llm

Description

Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.

References (4)

[Various Sources] https://faq.brother.co.jp/app/answers/detail/a_id/13716

[Various Sources] https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2026-000001

[Third Party Advisory] https://jvn.jp/en/vu/JVNVU92878805/

[Vendor Advisory] https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf

Scores

CVSS v3 3.7

EPSS 0.0002

EPSS Percentile 6.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-295

Status published

Products (3)

Brother Industries, Ltd./Multiple MFPs see the information provided by the vendor

Konica Minolta, Inc./Multiple MFPs see the information provided by the vendor

Ricoh Company, Ltd./Multiple MFPs see the information provided by the vendor

Published Jan 29, 2026

Tracked Since Feb 18, 2026