QwikSec

Security Database

CVE

CWE

Training

CVE-2025-53869

Published: Jan 29, 2026

Modified: Jan 29, 2026

PUBLISHED

CVSS v3.1

3.7

LOW

Description

Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.

Vendor	Product	Versions
Brother Industries, Ltd.	Multiple MFPs	affected `see the information provided by the vendor`
Konica Minolta, Inc.	Multiple MFPs	affected `see the information provided by the vendor`
Ricoh Company, Ltd.	Multiple MFPs	affected `see the information provided by the vendor`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

References

https://faq.brother.co.jp/app/answers/detail/a_id/13716

https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf

https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2026-000001

https://jvn.jp/en/vu/JVNVU92878805/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.