Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code execution during application startup. The application loads a network plugin without validating its digital signature or verifying its authenticity. A local attacker can exploit this behavior by placing a malicious component in the expected location, which is controllable by the attacker (e.g., under %APPDATA%), resulting in code execution within the context of the user. The main application is digitally signed, which may allow a malicious component to inherit trust and evade detection by security solutions that rely on signed parent processes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BambuStudio 安全漏洞
Vulnerability Description
BambuStudio是Bambu Lab开源的一个连接BambuLab和其他3D打印机的软件。 BambuStudio 2.1.1.52及之前版本存在安全漏洞,该漏洞源于应用程序启动时加载网络插件未验证数字签名或真实性,可能导致本地攻击者通过放置恶意组件执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A