
An attacker may access restricted filesystem areas on the device via the CROWN REST interface due to incomplete whitelist enforcement. Certain directories inten…

Published:

5 March 2026 at 23:00:00

Alert date:

6 March 2026 at 09:02:49

Source:

nvd.nist.gov


Critical Infrastructure, Mobile & IoT, Network Infrastructure

CVE-2026-2330 describes a critical vulnerability in SICK devices where the CROWN REST interface has incomplete whitelist enforcement. Unauthenticated attackers can access restricted filesystem areas, particularly directories intended for internal testing that were not properly protected by the whitelist. This allows attackers to place manipulated parameter files that become active after device reboot, enabling modification of critical device settings including network configuration and application parameters. The vulnerability affects industrial control systems and poses significant risks to operational technology environments.

Affected products:

SICK CROWN REST interface

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

This website displays information from external sources; Perceptive accepts no responsibility for the accuracy, completeness or timeliness of this information.
