Raise3D Pro2 Series 3D Printers**

Plan PatchCVSS 8.6ICS-CERT ICSA-25-275-01Oct 2, 2025

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

A vulnerability in Raise3D Pro2 Series 3D printers allows an attacker to exfiltrate data from or compromise the device when developer mode is enabled. The vulnerability requires no authentication and can be exploited remotely over the network. Raise3D is developing a firmware patch but has not provided a timeline for release. The recommended immediate mitigation is to disable developer mode unless it is actively required for device troubleshooting or development activities.

What this means

What could happen

An attacker with network access to a Raise3D Pro2 3D printer could steal data from the device or modify its configuration. If these printers are used in manufacturing or prototyping operations, an attacker could also alter print jobs to produce defective parts or sabotage the manufacturing process.

Who's at risk

Organizations operating Raise3D Pro2 Series 3D printers in manufacturing, prototyping, or production environments should be concerned. This includes contract manufacturers, small manufacturing shops, dental labs, and any facility using these devices for critical part production or design iteration.

How it could be exploited

An attacker on your network (or from the internet if the printer is exposed) can access the Pro2 Series printer remotely when developer mode is enabled. The attacker can then extract sensitive data or send commands to compromise the device without needing valid credentials.

Prerequisites

Network connectivity to the Pro2 Series printer (HTTP/HTTPS port, typically accessible from your internal network or internet if not firewalled)
Developer mode must be enabled on the target printer

remotely exploitableno authentication requiredlow complexityno patch available (firmware update in development with no release date)potentially affects production equipment

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

Pro2 Series: vers:all/*All versionsNo fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDDisable developer mode on all Raise3D Pro2 Series printers unless it is actively required for troubleshooting or development

HARDENINGRestrict network access to Pro2 Series printers by placing them behind a firewall and blocking inbound access from the internet

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HARDENINGIf remote access to printers is required, use a VPN to connect instead of exposing the printer directly to your network or internet

HOTFIXMonitor the Raise3D Support Center for firmware updates and apply them when available and tested in your environment

CVEs (1)

CVE-2025-10653

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/0a06678f-0a53-4f31-8a85-d2b83f70a78d

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.