Security News > 2024 > March > AnyCubic fixes exploited 3D printer zero day flaw with new firmware

AnyCubic fixes exploited 3D printer zero day flaw with new firmware
2024-03-07 16:10

AnyCubic has released new Kobra 2 firmware to fix a zero-day vulnerability exploited last month to print security warnings on 3D printers worldwide.

At the end of February, AnyCubic printer users began reporting that their Kobra 3D printers were hacked with a print job that warned their devices were vulnerable to a critical vulnerability.

"You should blame anycubic for their mqtt server which allows any valid credential to connect and control your printer via the matt API. Let's just hope anycubic fixes their mqtt server," continued the message.

The researchers claim that they had emailed AnyCube three times about the flaw and were ignored, leading them to take the unorthodox approach of exploiting the flaw to warn printer owners publicly.

On March 5th, AnyCubic released new firmware for the Kobra 2 Pro/Plus/Max 3D printers with a fix for this zero-day vulnerability.

Anycubic 3D printers hacked worldwide to expose security flaw.


News URL

https://www.bleepingcomputer.com/news/security/anycubic-fixes-exploited-3d-printer-zero-day-flaw-with-new-firmware/