CVE-2024-51330

Name of the Vulnerable Software and Affected Versions UltiMaker Cura versions 4.41 and 5.8.1 and earlier

Description The issue allows a local attacker to execute arbitrary code via the Inter-process communication (IPC) mechanism between the Cura application and CuraEngine processes, localhost network stack, printing settings, and G-code processing and transmission components. This affects Ultimaker 3D Printers.

Recommendations For versions 4.41 and 5.8.1 and earlier, consider disabling the Inter-process communication (IPC) mechanism between the Cura application and CuraEngine processes as a temporary workaround until a patch is available. Restrict access to the localhost network stack and limit the use of printing settings and G-code processing and transmission components to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.