Dingtian DT-R002
cpe:2.3:h:dingtian-tech:dt-r002:*:*:*:*:*:*:*
A vulnerability exists in all versions of the Dingtian DT-R002 relay board that allows an attacker to retrieve the current user's username without authentication. The issue stems from insufficiently protected credentials and can be exploited remotely, with low attack complexity, to access sensitive information.
Exploitation of this vulnerability could lead to unauthorized retrieval of usernames from the affected device.
Dingtian has not responded to requests for mitigation. Users are advised to contact Dingtian customer support for more information. CISA recommends restricting access to HTTP and the Dingtian Protocol on specific UDP ports, minimizing network exposure for control system devices, and using secure remote access methods like VPNs. Organizations should also follow CISA's recommended practices for ICS cybersecurity.