SICK DL100 Unencrypted Transmission Vulnerability Allowing Pass-the-Hash Authentication

Vulnerability

A vulnerability exists in the SICK DL100-2xxxxxxx series, all firmware versions, due to the use of an unencrypted, proprietary communication protocol. This protocol transmits configuration data and handles device authentication. As a result, an attacker could intercept the authentication hash and exploit it to gain unauthorized access to the device using a pass-the-hash technique.
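Why a hash sent over a cleartext link works as a credential, shown as an added example that is not SICK's code and does not model the DL100 protocol itself, whose details this page does not give. The class names, the use of SHA-256 and the sample password are all assumptions made for illustration; the second verifier shows a nonce-bound response that a captured message cannot satisfy.

```python
import hashlib
import hmac
import secrets

def pw_hash(password: str) -> bytes:
    # Assumed hash function; the real device's scheme is not documented here.
    return hashlib.sha256(password.encode()).digest()

class StaticHashDevice:
    """Hypothetical verifier that accepts the stored hash itself as proof."""
    def __init__(self, password: str):
        self._stored = pw_hash(password)

    def login(self, wire_bytes: bytes) -> bool:
        return hmac.compare_digest(wire_bytes, self._stored)

class ChallengeDevice:
    """Hypothetical verifier that expects HMAC(stored_hash, fresh_nonce)."""
    def __init__(self, password: str):
        self._stored = pw_hash(password)
        self._nonce = None

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(16)
        return self._nonce

    def login(self, response: bytes) -> bool:
        nonce, self._nonce = self._nonce, None  # each nonce is single use
        if nonce is None:
            return False
        expected = hmac.new(self._stored, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)

def client_response(password: str, nonce: bytes) -> bytes:
    return hmac.new(pw_hash(password), nonce, hashlib.sha256).digest()

def demo():
    password = "constructed-sample-password"  # constructed test value
    # Static scheme: the bytes on the wire ARE the credential.
    static_dev = StaticHashDevice(password)
    observed = pw_hash(password)              # what a cleartext link exposes
    static_replay_ok = static_dev.login(observed)
    # Challenge-response: the observed bytes are bound to one nonce.
    cr_dev = ChallengeDevice(password)
    observed_resp = client_response(password, cr_dev.challenge())
    legit_ok = cr_dev.login(observed_resp)
    cr_dev.challenge()                        # new session, new nonce
    replay_ok = cr_dev.login(observed_resp)
    return static_replay_ok, legit_ok, replay_ok
```

A nonce-bound response only removes the replay; configuration data on the same link stays readable without transport encryption, so it does not replace the network restrictions listed under Remediation.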

Impact

Exploitation of this vulnerability allows for unauthorized access to the device through intercepted authentication hashes, which can be used to bypass normal authentication mechanisms.

Remediation

SICK recommends applying general security practices when operating the DL100 devices. This includes minimizing network exposure, restricting network access, and following the SICK Operating Guidelines for Cybersecurity. These measures can help mitigate the associated security risks.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.