AnyCubic has addressed a zero-day vulnerability exploited by hackers to print security warnings on Kobra 3D printers worldwide. In late February, users reported receiving warnings about critical vulnerabilities via print jobs on their printers. The flaw allowed attackers to exploit insecure permissions in AnyCubic's MQTT service API to send commands to the printers and queue a G-code file named 'hacked_machine_readme.gcode.'
The warning messages urged users to disconnect their printers from the internet due to the vulnerability in AnyCubic's MQTT server, which allowed unauthorized access and control. Despite attempts by researchers to notify AnyCubic about the vulnerabilities through emails, they received no response. Frustrated by the lack of acknowledgement, the researchers publicly exploited the flaw to raise awareness.
Responding swiftly, AnyCubic released new firmware for Kobra 2 Pro/Plus/Max 3D printers on March 5th to address the zero-day vulnerability. The update strengthens security verification and authorization/permission management in the MQTT server to prevent further exploitation.
Moving forward, AnyCubic plans to implement additional security measures in future firmware updates, including network segmentation and regular audits for systems and software. They also provided instructions for users uncomfortable with their printers accessing AnyCubic's cloud service to disable WiFi via the printer screen.
Despite apologizing for the incident, AnyCubic has not explained why they ignored the security researchers' emails over two months. The lack of communication underscores the importance of timely responses to security vulnerabilities, especially in IoT devices like 3D printers, which are susceptible to exploitation by threat actors.
Overall, AnyCubic's response highlights the significance of proactive security measures and communication in mitigating risks associated with cyber threats in IoT devices.
