PT-2025-42895 · Bambu · Bambu Studio

Published 2025-10-21 · Updated 2025-10-21 · CVE-2025-57521

CVSS v3.1: 6.1 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Name of the Vulnerable Software and Affected Versions

Bambu Studio versions 2.1.1.52 and earlier

Description

Bambu Studio is susceptible to a flaw that could allow a local attacker to execute arbitrary code during application startup. The application loads a network plugin without validating its digital signature or verifying its authenticity. An attacker can exploit this by placing a malicious component in a controllable location, such as the %APPDATA% directory, leading to code execution with the user's privileges. The application's digital signature may allow a malicious component to inherit trust, potentially bypassing security solutions that rely on signed processes.

Recommendations

Versions prior to 2.1.1.52 should be updated.
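
One way to audit a host for the condition described above, as an added example that is not part of the original advisory or of Bambu Studio: list DLLs in a plugin directory that lack a valid Authenticode signature from the expected publisher. The function name, the plugin folder and the publisher string are assumptions and placeholders; the advisory names only %APPDATA%.

```powershell
# Added example: flag DLLs in a user-writable plugin directory that are
# unsigned, fail signature validation, or are signed by an unexpected publisher.
function Test-PluginSignature {
    [CmdletBinding()]
    param(
        # Assumption: the directory the application loads plugins from.
        [Parameter(Mandatory)] [string] $PluginDirectory,
        # Assumption: text expected in the signer certificate subject.
        [Parameter(Mandatory)] [string] $ExpectedPublisher
    )

    if (-not (Test-Path -LiteralPath $PluginDirectory -PathType Container)) {
        Write-Warning "Directory not found: $PluginDirectory"
        return
    }

    Get-ChildItem -LiteralPath $PluginDirectory -Filter *.dll -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            # SignerCertificate is $null for unsigned files.
            $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

            $reason = if ($sig.Status -ne 'Valid') {
                "signature status: $($sig.Status)"
            } elseif ($subject.IndexOf($ExpectedPublisher, [StringComparison]::OrdinalIgnoreCase) -lt 0) {
                'valid signature, unexpected publisher'
            } else {
                $null
            }

            if ($reason) {
                # Emit one record per suspicious file for triage.
                [pscustomobject]@{
                    Path          = $_.FullName
                    Reason        = $reason
                    Signer        = $subject
                    LastWriteTime = $_.LastWriteTime
                    SHA256        = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                }
            }
        }
}

# Placeholders: replace with the real plugin folder and publisher name.
Test-PluginSignature -PluginDirectory (Join-Path $env:APPDATA '<application-plugin-folder>') `
                     -ExpectedPublisher '<expected publisher name>'
```

A subject substring match is a coarse check; comparing the signer certificate thumbprint against a known value is stricter. This audits files on disk and does not replace the load-time verification the application itself lacks.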

Fix

Command Injection


Weakness Enumeration

Related Identifiers

CVE-2025-57521

Affected Products

Bambu Studio