by blutack 508 days ago
I wasn't aware of any specific vulnerabilities in the basic MQTT design (assuming it's over TLS).

I agree that mTLS for embedded M2M/IoT auth against MQTT is pretty standard (see AWS IoT, Azure etc.), but do paper printers used in enterprise which have displays typically require mTLS for printing?

Surely any corporation with a security team would VLAN and null route these things anyway - only the enterprise-targeted X1E model has an Ethernet port; all the others are WiFi only.


I don't think their MQTT was over TLS traditionally (maybe they added this), it used to be that you just sent a message over unauthenticated MQTT and FTP'd your 3MF; the FTP had a password but that also was sent in the clear. https://github.com/darkorb/bambu-ftp-and-print

Most corps these days don't want to deal with the hassle of VLANs and black holes for insecure devices.

People have been using MQTT with TLS for years[1][2][3]. Long before the company and line of printers existed. It's not really an excuse to say "well they didn't use it" -- they should have simply offered people the necessary configuration options to enable it.

[1]: https://mosquitto.org/blog/2018/05/version-1-5-released/
[2]: https://forums.raspberrypi.com/viewtopic.php?t=287326
[3]: https://esp32.com/viewtopic.php?t=9747
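As an added illustration (not from the thread, nor any vendor's firmware or documentation), a Mosquitto broker configuration contrasting the unauthenticated plaintext listener described above with a TLS listener that requires client certificates, i.e. the mTLS setup the comment says should have been offered as an option. Certificate file paths are placeholders.

```conf
# Added example: two listeners on one Mosquitto broker (1.5 or later).
# Settings are scoped per listener so the two can be compared side by side.
per_listener_settings true

# --- Weak: plaintext MQTT, no authentication -------------------------
# Anyone on the network segment can read every message and publish
# commands; credentials or job data travel in the clear.
listener 1883
allow_anonymous true

# --- Hardened: TLS with mutual authentication ------------------------
listener 8883
# Broker identity presented to clients (placeholder paths).
cafile   /etc/mosquitto/certs/ca.crt
certfile /etc/mosquitto/certs/broker.crt
keyfile  /etc/mosquitto/certs/broker.key
tls_version tlsv1.2

# Reject any client that does not present a certificate signed by the CA
# above; this is the mTLS pattern used by AWS IoT / Azure IoT Hub.
require_certificate true

# Use the certificate's CN as the MQTT username, so per-device ACLs can
# be written without a shared password. Anonymous clients are refused.
use_identity_as_username true
allow_anonymous false
acl_file /etc/mosquitto/acl   # placeholder; restricts topics per device CN
```

With both listeners defined you can verify the difference with `mosquitto_sub`: a connection to 1883 succeeds with no credentials, while 8883 refuses the handshake unless `--cert`/`--key` are supplied.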

Everything was sent in plaintext early on. But since 2022/2023 it's TLS: https://wiki.bambulab.com/en/security-incidents-cloud-traffi...