CVE-2025-57521

6.1 MEDIUM

📋 TL;DR

Bambu Studio versions 2.1.1.52 and earlier contain a vulnerability that allows local attackers to execute arbitrary code during application startup. The application loads network plugins without proper signature validation, enabling attackers to place malicious components in user-writable directories like %APPDATA%. This affects all users running vulnerable versions of Bambu Studio.

💻 Affected Systems

Products:
  • Bambu Studio
Versions: 2.1.1.52 and earlier
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable. The vulnerability requires local access to place malicious files in user-writable directories.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through arbitrary code execution with user privileges, potentially leading to data theft, ransomware deployment, or lateral movement within the network.

🟠 Likely Case

Local privilege escalation leading to user account compromise, data exfiltration, or installation of persistent malware.

🟢 If Mitigated

Limited impact if proper application whitelisting and user privilege restrictions are in place, though user data could still be compromised.

🌐 Internet-Facing: LOW - This is a local attack vector requiring access to the target system.
🏢 Internal Only: HIGH - Local attackers or malware with user-level access can exploit this vulnerability to escalate privileges and compromise systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Proof-of-concept code is publicly available on GitHub. Exploitation requires local access to the target system and knowledge of Bambu Studio's plugin loading mechanism.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.3.0 and later

Vendor Advisory: https://wiki.bambulab.com/en/software/bambu-studio/release/release-note-2-3-0

Restart Required: No

Instructions:

1. Open Bambu Studio.
2. Go to Help > Check for Updates.
3. Follow the prompts to update to version 2.3.0 or later.
4. Alternatively, download the latest version from the official Bambu Lab website.

🔧 Temporary Workarounds

Restrict plugin directory permissions

Platform: all

Set strict permissions on Bambu Studio plugin directories to prevent unauthorized file writes.

Windows:     icacls "%APPDATA%\BambuStudio\plugins" /deny Users:(OI)(CI)W
macOS/Linux: chmod 755 ~/.config/BambuStudio/plugins
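The workaround above only helps if the account Bambu Studio runs as can no longer drop files into the plugin directory. The following check is an added example (not part of this advisory or of Bambu Studio) that evaluates POSIX directory mode bits the way the kernel does (owner bits first, then group, then other, root always allowed), so you can confirm what a given chmod actually closes. The uid/gid values and the scenario table are constructed; path_writable_by_current_user() is POSIX-only.

```python
"""Evaluate whether a user can still create files in a plugin directory.

Added example, not part of the advisory or of Bambu Studio. Directory
writes require both the write and the search (execute) bit on the
directory itself; only one class of bits (owner / group / other) applies
to a given user, chosen in that order.
"""
import os
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class Principal:
    uid: int
    gids: frozenset  # every group id the user belongs to


def dir_writable_by(mode: int, owner_uid: int, owner_gid: int, who: Principal) -> bool:
    """True if `who` may create or replace entries in a directory that has
    the given permission bits and ownership."""
    if who.uid == 0:
        return True  # root bypasses mode bits, as the kernel does
    if who.uid == owner_uid:
        bits = (mode & stat.S_IRWXU) >> 6
    elif owner_gid in who.gids:
        bits = (mode & stat.S_IRWXG) >> 3
    else:
        bits = mode & stat.S_IRWXO
    return bits & 0b011 == 0b011  # needs w and x on the directory


def path_writable_by_current_user(path: str) -> bool:
    """Apply the same rule to a real directory on this (POSIX) machine."""
    st = os.stat(path)
    me = Principal(os.getuid(), frozenset(os.getgroups()) | {os.getgid()})
    return dir_writable_by(stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid, me)


def audit_plugin_dir_modes() -> dict:
    """Constructed scenarios for a plugin dir owned by uid 1000 / gid 1000."""
    owner = Principal(1000, frozenset({1000}))
    stranger = Principal(1001, frozenset({1001}))
    group_member = Principal(1002, frozenset({1002, 1000}))
    return {
        # chmod 755: the owning user (and malware running as that user) keeps write
        "755_owner": dir_writable_by(0o755, 1000, 1000, owner),
        "755_other": dir_writable_by(0o755, 1000, 1000, stranger),
        # chmod 555 removes the owner's write bit as well
        "555_owner": dir_writable_by(0o555, 1000, 1000, owner),
        # group-writable directories re-open the path for every group member
        "775_group": dir_writable_by(0o775, 1000, 1000, group_member),
    }


if __name__ == "__main__":
    for scenario, writable in audit_plugin_dir_modes().items():
        print(f"{scenario}: {'WRITABLE' if writable else 'blocked'}")
```

The scenario table makes the caveat visible: with mode 755 the directory owner can still write, which is the same account an attacker with user-level access would be using, so the Windows icacls deny on Users is the closer analogue to removing the owner's write bit.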

🧯 If You Can't Patch

  • Implement application whitelisting to prevent execution of unauthorized binaries from user directories.
  • Use least privilege principles - ensure users don't have write access to Bambu Studio installation directories.

🔍 How to Verify

Check if Vulnerable:

Check Bambu Studio version in Help > About. If version is 2.1.1.52 or earlier, the system is vulnerable.

Check Version:

Windows: "C:\Program Files\BambuStudio\BambuStudio.exe" --version
macOS:   /Applications/BambuStudio.app/Contents/MacOS/BambuStudio --version
Linux:   bambu-studio --version

Verify Fix Applied:

Verify version is 2.3.0 or later in Help > About. Check that plugin signature validation is enabled in application settings.
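To turn the two version boundaries above into a repeatable check, here is an added example (not part of this advisory or of Bambu Studio). It pulls the first dotted version number out of whatever the --version command prints (the exact output format is an assumption), compares it against "2.1.1.52 and earlier" and "2.3.0 and later", and reports anything in between as not covered by the advisory rather than guessing.

```python
"""Classify a Bambu Studio version against the advisory's stated ranges.

Added example, not part of the advisory or of Bambu Studio.
"""
import re
import subprocess

VULNERABLE_MAX = (2, 1, 1, 52)  # "2.1.1.52 and earlier" per the advisory
FIXED_MIN = (2, 3, 0)           # "2.3.0 and later" per the advisory

_VERSION_RE = re.compile(r"\d+(?:\.\d+){1,3}")


def parse_version(text: str) -> tuple:
    """Extract the first dotted version number found in free text, e.g. the
    output of `BambuStudio --version`. Assumes only that a dotted number
    appears somewhere in the output."""
    match = _VERSION_RE.search(text)
    if not match:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(part) for part in match.group(0).split("."))


def _pad(version: tuple, length: int) -> tuple:
    """Right-pad with zeros so 2.3.0 and 2.3.0.0 compare equal."""
    return tuple(version) + (0,) * (length - len(version))


def classify(version: tuple) -> str:
    """'vulnerable', 'fixed', or 'unknown' (between the two stated ranges,
    e.g. a 2.2.x build, which the advisory does not describe)."""
    length = max(len(version), len(VULNERABLE_MAX), len(FIXED_MIN))
    v = _pad(version, length)
    if v <= _pad(VULNERABLE_MAX, length):
        return "vulnerable"
    if v >= _pad(FIXED_MIN, length):
        return "fixed"
    return "unknown"


def classify_installed(command: list) -> str:
    """Run one of the --version commands from this page and classify it.
    Stdout and stderr are both searched because the output stream is an
    assumption."""
    result = subprocess.run(command, capture_output=True, text=True, check=False)
    return classify(parse_version(result.stdout + result.stderr))


if __name__ == "__main__":
    import sys
    # e.g. python check_version.py bambu-studio --version
    print(classify_installed(sys.argv[1:]) if len(sys.argv) > 1 else "no command given")
```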

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process launches from Bambu Studio directories
  • File writes to Bambu Studio plugin directories by non-Bambu processes
  • Security software alerts about unsigned DLLs loading with Bambu Studio

Network Indicators:

  • Unusual outbound connections from Bambu Studio process
  • DNS requests to suspicious domains after Bambu Studio startup

SIEM Query:

Process Creation where (Image contains 'BambuStudio' OR ParentImage contains 'BambuStudio') AND (CommandLine contains unusual parameters OR Image loaded from a user-writable directory)
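The log indicators and the SIEM pseudo-query above can be exercised against endpoint telemetry before being deployed. The script below is an added example (not part of this advisory or of Bambu Studio) that applies three of those indicators to Sysmon-style JSON events (process creation, image load, file create) and returns an alert per match. The field names follow Sysmon's conventions, the user-writable path markers are an assumption, and the sample events, including the user name, file names and the "network_plugin.dll" placeholder, are constructed.

```python
"""Flag Bambu Studio plugin-loading anomalies in Sysmon-style JSON events.

Added example, not part of the advisory or of Bambu Studio. Covers:
  - EventID 1  (process create): Bambu Studio spawning a binary from a
                user-writable location
  - EventID 7  (image load):     Bambu Studio loading an unsigned module or
                one stored under a user-writable path
  - EventID 11 (file create):    a non-Bambu process writing into the
                plugin directory
"""
import json
import ntpath

# Path fragments a standard Windows user can write to (assumption, extend as needed).
USER_WRITABLE = ("\\appdata\\", "\\users\\public\\", "\\temp\\", "\\downloads\\")
PLUGIN_DIR_HINT = "\\bambustudio\\plugins\\"


def _norm(path: str) -> str:
    return path.lower().replace("/", "\\")


def is_bambu(image: str) -> bool:
    """True if the executable name is Bambu Studio itself."""
    return "bambustudio" in ntpath.basename(image).lower()


def in_user_writable(path: str) -> bool:
    return any(marker in _norm(path) for marker in USER_WRITABLE)


def analyse(event: dict):
    """Return an alert string for one event, or None if it is benign."""
    eid = event.get("EventID")
    image = event.get("Image", "")
    if eid == 1 and is_bambu(event.get("ParentImage", "")) and in_user_writable(image):
        return f"Bambu Studio launched a binary from a user-writable path: {image}"
    if eid == 7 and is_bambu(image):
        loaded = event.get("ImageLoaded", "")
        unsigned = str(event.get("Signed", "true")).lower() == "false"
        if unsigned or in_user_writable(loaded):
            return f"Bambu Studio loaded an unsigned/user-writable module: {loaded}"
    if eid == 11 and PLUGIN_DIR_HINT in _norm(event.get("TargetFilename", "")) and not is_bambu(image):
        return f"non-Bambu process wrote into the plugin directory: {image} -> {event['TargetFilename']}"
    return None


def scan(lines) -> list:
    """Run analyse() over JSON-lines input and collect the alerts."""
    alerts = []
    for line in lines:
        line = line.strip()
        if line:
            alert = analyse(json.loads(line))
            if alert:
                alerts.append(alert)
    return alerts


# Constructed sample telemetry (raw string so the JSON backslashes survive).
SAMPLE_LOG = r"""
{"EventID": 1, "Image": "C:\\Users\\alice\\AppData\\Roaming\\BambuStudio\\plugins\\updater.exe", "ParentImage": "C:\\Program Files\\BambuStudio\\BambuStudio.exe"}
{"EventID": 7, "Image": "C:\\Program Files\\BambuStudio\\BambuStudio.exe", "ImageLoaded": "C:\\Users\\alice\\AppData\\Roaming\\BambuStudio\\plugins\\network_plugin.dll", "Signed": "false"}
{"EventID": 7, "Image": "C:\\Program Files\\BambuStudio\\BambuStudio.exe", "ImageLoaded": "C:\\Windows\\System32\\kernel32.dll", "Signed": "true"}
{"EventID": 11, "Image": "C:\\Users\\alice\\Downloads\\setup.exe", "TargetFilename": "C:\\Users\\alice\\AppData\\Roaming\\BambuStudio\\plugins\\network_plugin.dll"}
{"EventID": 11, "Image": "C:\\Program Files\\BambuStudio\\BambuStudio.exe", "TargetFilename": "C:\\Users\\alice\\AppData\\Roaming\\BambuStudio\\plugins\\network_plugin.dll"}
{"EventID": 1, "Image": "C:\\Windows\\System32\\notepad.exe", "ParentImage": "C:\\Windows\\explorer.exe"}
"""


def scan_sample() -> list:
    return scan(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for alert in scan_sample():
        print("ALERT:", alert)
```

The fifth sample event (Bambu Studio writing into its own plugin directory) is deliberately not flagged, since that is what a legitimate plugin update looks like; the signal is a different process writing there, or the application loading what landed there without a valid signature.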
