Dingtian DT-R002 Insufficiently Protected Credentials Vulnerability

A vulnerability exists in all versions of the Dingtian DT-R002 relay board, allowing attackers to extract the proprietary 'Dingtian Binary' protocol password. This insufficiently protected credentials vulnerability can be exploited by sending an unauthenticated GET request.

Impact

Exploitation of this vulnerability could lead to unauthorized extraction of the 'Dingtian Binary' protocol password.

Remediation

Dingtian has not responded to requests for mitigation. Users are advised to contact Dingtian customer support for more information. It is also recommended to restrict access to HTTP (TCP/80) and the Dingtian Protocol on UDP/60000 and UDP/60001. CISA suggests minimizing network exposure for control system devices, using firewalls to isolate control system networks from business networks, and employing secure remote access methods like VPNs.