SICK Analytics Products Path Traversal Vulnerability Allowing Sensitive Information Disclosure

A path traversal vulnerability has been identified in multiple SICK analytics products, including SICK Baggage Analytics, SICK Tire Analytics, SICK Package Analytics, and SICK Logistic Diagnostic Analytics, all versions prior to 4.6.2. This vulnerability allows remote, unauthorized attackers to brute-force folders and files, such as private keys or configuration files, leading to the unintentional disclosure of sensitive information. The issue arises from missing authorization on certain endpoints, which could be exploited to access confidential data stored within the application.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive information, including private keys and application configurations, which could be misused to compromise the application's security or functionality.

Reproduction

The vulnerability can be reproduced by sending requests that traverse the file system, targeting directories or files that contain sensitive information, such as private keys or configuration files. This can be done by brute-forcing file paths, taking advantage of the application's failure to properly restrict file access.

Remediation

Users are advised to update to the latest version of SICK Baggage Analytics, SICK Tire Analytics, SICK Package Analytics, and SICK Logistic Diagnostic Analytics. For versions 4.6.1 and prior, it is recommended to apply general security practices when operating the products, such as minimizing network exposure, restricting access, and following the SICK Operating Guidelines and ICS-CERT recommended practices for industrial security.