AnyCubic has updated the Kobra 2 firmware to fix a zero-day vulnerability that was exploited last month to print security warnings on 3D printers all over the world.
At the end of February, owners of AnyCubic printers reported that their Kobra 3D printers had been hacked using a print job alerting them that their devices were affected by a serious vulnerability.
The vulnerability allowed attackers to exploit insecure permissions in the company’s MQTT service API to send commands to the printers.
An attacker could queue a G-code file named “hacked_machine_readme.gcode” which, when opened in a text editor, warned that the printers were affected by a critical vulnerability.
“Your computer has a significant security threat because of its critical vulnerability. It is imperative to take immediate action to stop potential exploitation,” the text file reads.
“If you don’t want to be hacked by a bad actor, feel free to disconnect your printer from the Internet. Simply put, this is a harmless message. You have received no harm in any way. Anycubic should blame their mqtt server, which enables any valid credential to connect to and manage your printer via the MQTT API. Hope Anycubic fixes their mqtt server,” the message continues.
The researchers say they repeatedly emailed AnyCubic about the flaw and were ignored, which led them to the unorthodox step of publicly exploiting it to warn printer owners.
“Two crucial security flaws have been identified in our attempts to communicate with Anycubic, one of which can be fatal if discovered by a malicious. We haven’t received a single response to any of our three emails despite our efforts over the past two months. We have put a lot of time and effort into addressing these flaws,” the researchers wrote in a forum post.
“It appears that Anycubic has not taken our concerns seriously, despite our initial efforts to resolve the problem amicably (and we still hope in it). We are now preparing to release these vulnerabilities along with our repo and our tools to the general public as a result.”
AnyCubic releases a security update
AnyCubic fixed this zero-day vulnerability with new firmware for the Kobra 2 Pro/Plus/Max 3D printers on March 5th.
AnyCubic wrote in an email to BleepingComputer: “We want to inform you that quick action has been taken on our part, and we released a new firmware on March 5th, specifically designed to address the vulnerabilities highlighted.”
AnyCubic says the MQTT server that was abused to send the warnings to printers now has strengthened security verification and authorization/permission management to address the problem.
The company says that upcoming firmware updates, the next of which is scheduled for March 13th, will include the following security measures:
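The flaw the researchers describe is an authorization gap rather than an authentication gap: a credential was valid, but the broker never checked which printer that credential was allowed to manage. The following added example (not AnyCubic's or the researchers' code) simulates a broker's publish-authorization decision under a weak policy and a corrected per-device policy so the difference is concrete. The topic layout (`printers/<device_id>/cmd`), the usernames, passwords and device ids are all constructed for illustration and are not AnyCubic's actual topic scheme or credentials.

```python
"""Added example: broker-side MQTT authorization for a per-device topic layout.

Constructed scenario: two printers, 'aaa' and 'bbb', each with its own credential.
The credential for 'aaa' attempts to publish to both printers' command topics.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple


def topic_matches(filter_: str, topic: str) -> bool:
    """MQTT topic-filter matching: '+' matches exactly one level,
    '#' matches the remainder of the topic and must be the last level."""
    f_levels = filter_.split("/")
    t_levels = topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1
        if i >= len(t_levels):
            return False
        if level != "+" and level != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)


@dataclass(frozen=True)
class Client:
    username: str   # credential presented at CONNECT
    device_id: str  # printer this credential was issued for (hypothetical binding)


# Constructed credential store: username -> (password, device the credential belongs to)
CREDENTIALS: Dict[str, Tuple[str, str]] = {
    "printer-aaa": ("pw-aaa", "aaa"),
    "printer-bbb": ("pw-bbb", "bbb"),
}


def authenticate(username: str, password: str) -> Optional[Client]:
    """Authentication only answers 'who is this?'; it says nothing about
    which topics the client may use."""
    record = CREDENTIALS.get(username)
    if record is None or record[0] != password:
        return None
    return Client(username=username, device_id=record[1])


def weak_can_publish(client: Client, topic: str) -> bool:
    """Weak policy: being authenticated is the only check, so any valid
    credential may publish to any printer's command topic."""
    return topic_matches("printers/+/cmd", topic)


def strict_can_publish(client: Client, topic: str) -> bool:
    """Corrected policy: the ACL filter is derived from the identity the
    broker established at CONNECT, not from anything the client chooses."""
    return topic_matches(f"printers/{client.device_id}/cmd", topic)


Policy = Callable[[Client, str], bool]


def run_scenario(policy: Policy) -> Dict[str, bool]:
    """The credential issued for printer 'aaa' tries to queue a job on 'aaa'
    and on 'bbb'; returns the broker's decision for each."""
    client = authenticate("printer-aaa", "pw-aaa")
    if client is None:
        raise RuntimeError("constructed credential should authenticate")
    return {
        "own_printer": policy(client, "printers/aaa/cmd"),
        "other_printer": policy(client, "printers/bbb/cmd"),
    }


if __name__ == "__main__":
    print("weak policy:  ", run_scenario(weak_can_publish))
    print("strict policy:", run_scenario(strict_can_publish))
```

Under the weak policy both publishes are allowed; under the corrected policy only the client's own printer is reachable. The same idea on a real broker is an ACL whose topic pattern is filled in from the authenticated identity (in Mosquitto, for example, a `pattern` ACL line using `%u` or `%c` substitution), and a useful audit check is to connect with one device's credential and confirm that publishes and subscriptions on another device's topics are refused.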
- implementing network segmentation strategies to limit external services’ access.
- carrying out regular system, software, and MQTT server audits and updates.
The company has also provided instructions on how to turn off WiFi via the printer screen for users who are uneasy about their printers accessing AnyCubic’s cloud service.
AnyCubic has apologized for the incident but has not explained why the security researchers’ three emails over the course of two months went unanswered.