A critical security vulnerability has been identified in Raise3D's Pro2 Series 3D printers that could allow attackers to bypass authentication controls and potentially compromise industrial manufacturing systems. Designated as CVE-2025-10653, this authentication bypass vulnerability affects the popular professional-grade 3D printers when their developer mode is enabled, creating a significant security risk for organizations using these devices in industrial and manufacturing environments.

Understanding CVE-2025-10653

The vulnerability centers around an authentication bypass mechanism that becomes active when the Raise3D Pro2 Series printers have developer mode enabled. According to security researchers and federal industrial-control-systems advisories, this configuration flaw allows unauthorized users to access printer controls and system functions without proper authentication, potentially enabling malicious actors to manipulate printing processes, access sensitive design files, or even use the printers as entry points into broader industrial networks.

Industrial control system security has become increasingly critical as manufacturing environments become more connected. The Raise3D Pro2 Series, widely used in professional and industrial settings for high-precision printing, represents a particularly concerning target given its deployment in sensitive manufacturing operations. When left unsecured, these devices can serve as vulnerable endpoints in otherwise protected industrial networks.

How the Vulnerability Works

Technical analysis reveals that the authentication bypass occurs through specific attack vectors that become available when developer mode is active. This mode, intended for debugging and development purposes, inadvertently creates security weaknesses that can be exploited by attackers with network access to the printer. The vulnerability doesn't require physical access to the device, meaning remote attackers could potentially compromise printers connected to corporate or industrial networks.

The security advisory indicates that successful exploitation could allow attackers to:

  • Bypass user authentication mechanisms
  • Access and modify printer configuration settings
  • Intercept or manipulate print jobs and design files
  • Potentially gain deeper network access through the compromised device
  • Disrupt manufacturing operations through printer manipulation

Impact on Industrial Operations

For organizations using Raise3D Pro2 printers in manufacturing environments, the implications are substantial. Compromised 3D printers could lead to:

  • Production downtime from manipulated print jobs
  • Intellectual property theft through intercepted design files
  • Quality control issues from altered printing parameters
  • Network security breaches using the printer as an entry point
  • Financial losses from wasted materials and production delays

Industrial security experts emphasize that 3D printers, often overlooked in cybersecurity planning, represent genuine security risks when connected to corporate networks. The manufacturing sector has seen increasing targeting by cybercriminals seeking to disrupt operations or steal proprietary designs and manufacturing processes.

Immediate Mitigation Steps

Security professionals recommend several immediate actions to protect vulnerable systems:

Disable Developer Mode

The primary and most critical mitigation is to ensure developer mode is disabled on all Raise3D Pro2 Series printers. This single action effectively neutralizes the vulnerability by removing the attack vector that enables the authentication bypass.

Network Segmentation

Organizations should implement proper network segmentation, isolating 3D printers from critical business networks and limiting their exposure to potential attackers. This containment strategy helps prevent lateral movement even if a printer becomes compromised.

Access Control Implementation

Strict access controls should be enforced, including:

  • Strong authentication mechanisms
  • Principle of least privilege access
  • Regular access reviews and audits
  • Multi-factor authentication where supported

Regular Firmware Updates

Maintain current firmware versions and apply security patches promptly. Manufacturers often release updates addressing known vulnerabilities, and keeping systems updated is fundamental to maintaining security posture.

Long-term Security Strategy

Beyond immediate mitigation, organizations should develop comprehensive security strategies for industrial 3D printing equipment:

Security Monitoring

Implement continuous monitoring of 3D printer networks for unusual activity, including:

  • Unauthorized access attempts
  • Unexpected configuration changes
  • Unusual network traffic patterns
  • Anomalous printing behavior

Security Assessment

Regular security assessments should include 3D printers as part of the organization's asset inventory. Security teams often overlook these devices during vulnerability scanning and penetration testing exercises.

Employee Training

Ensure that operators and IT staff understand the security risks associated with 3D printers and follow established security protocols. Human factors remain a significant vulnerability in industrial security.

Industry Response and Coordination

The disclosure of CVE-2025-10653 follows established vulnerability coordination processes, with Raise3D working with security researchers and government agencies to address the issue. This coordinated approach helps ensure that patches and mitigation guidance are available before widespread exploitation occurs.

Industrial control system security organizations have emphasized the importance of treating 3D printers as critical infrastructure components, particularly in manufacturing environments where they may be used for producing specialized components or prototypes.

Broader Implications for IoT Security

This vulnerability highlights broader concerns about Internet of Things (IoT) security in industrial settings. As manufacturing equipment becomes increasingly connected and automated, the attack surface expands, requiring more comprehensive security approaches.

Security researchers note that similar vulnerabilities may exist in other industrial 3D printing systems, suggesting that organizations should conduct broader security reviews of their additive manufacturing infrastructure.

Best Practices for 3D Printer Security

Based on this vulnerability and similar industrial control system issues, security experts recommend:

Default Configuration Review

Always review and harden default configurations on industrial equipment. Default settings often prioritize functionality over security, creating potential vulnerabilities.

Regular Security Updates

Establish processes for regularly updating firmware and security patches across all industrial IoT devices, including 3D printers.

Network Security Controls

Implement robust network security controls, including:

  • Firewall rules restricting unnecessary network access
  • Intrusion detection systems monitoring for suspicious activity
  • Network segmentation isolating industrial equipment
  • VPN access for remote management

Physical Security Considerations

Don't overlook physical security measures. Physical access to industrial equipment can often bypass network security controls.

Looking Forward

The discovery of CVE-2025-10653 serves as an important reminder that all connected devices, including specialized equipment like 3D printers, require proper security consideration. As additive manufacturing becomes more integrated into industrial processes, security must keep pace with technological advancement.

Organizations using Raise3D Pro2 Series printers should immediately verify that developer mode is disabled and implement the recommended security controls. Those using other industrial 3D printing equipment should consider conducting similar security reviews to identify and address potential vulnerabilities.

The manufacturing sector's digital transformation brings tremendous benefits but also introduces new security challenges that require vigilant attention and proactive security measures. By treating industrial 3D printers as critical security assets rather than peripheral devices, organizations can better protect their operations and intellectual property from emerging threats.