sca-2024-0007
Vulnerability from csaf_sick
Published: 2024-12-31 00:00
Modified: 2024-12-31 00:00
Summary: Vulnerability in SICK OLM

Notes

Summary
SICK received a report about a vulnerability in the SICK Support Portal supportportal.sick.com, which was hosted and operated by a third-party service provider. Due to a misconfiguration, the access restriction of an NFS (Network File System) storage system failed, which resulted in temporary unauthorized access to the file share. SICK initiated remediation measures immediately after becoming aware of the security incident. SICK requested all available log data and carried out a comprehensive analysis. The SICK incident response team analysed the data and found product-related files that could enable an attacker to potentially impact the availability, integrity and confidentiality of the affected products. To reduce the risk to our customers, SICK provided mitigations for the affected products. It is highly recommended to upgrade the affected products to the latest release or implement the suggested workarounds.
General Security Measures
As general security measures, SICK recommends minimizing network exposure of the devices, restricting network access and following recommended security practices in order to run the devices in a protected IT environment.
Vulnerability Classification
SICK performs vulnerability classification using the CVSS scoring system (CVSS v3.1). The environmental score depends on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to arrive at the final scoring.



{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "SICK received a report about a vulnerability in the SICK Support Portal supportportal.sick.com, which was hosted and operated by a third-party service provider. \nDue to a misconfiguration, the access restriction of a NFS (Network File System) storage system has failed, which resulted in temporary unauthorized access to the file share. SICK initiated remediating measures immediately after becoming aware of the security incident. SICK requested all available log data and carried out a comprehensive analysis. The SICK incident response team analysed the data and found product related files that could enable an attacker to potentially impact the availabilty, integrity and confidentiality of the affected products. To reduce the risk to our customers, SICK provided mitigations for the affected products. \n\nIt is highly recommended to upgrade the affected products to the latest release or implement the suggested workarounds.\n\n ",
        "title": "summary"
      },
      {
        "category": "general",
        "text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
        "title": "General Security Measures"
      },
      {
        "category": "general",
        "text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
        "title": "Vulnerability Classification"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@sick.de",
      "issuing_authority": "SICK PSIRT is responsible for any vulnerabilities related to SICK products.",
      "name": "SICK PSIRT",
      "namespace": "https://www.sick.com/psirt"
    },
    "references": [
      {
        "summary": "SICK PSIRT Security Advisories",
        "url": "https://sick.com/psirt"
      },
      {
        "summary": "SICK Operating Guidelines",
        "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
      },
      {
        "summary": "ICS-CERT recommended practices on Industrial Security",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "summary": "CVSS v3.1 Calculator",
        "url": "https://www.first.org/cvss/calculator/3.1"
      },
      {
        "category": "self",
        "summary": "The canonical URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0007.json"
      }
    ],
    "title": "Vulnerability in SICK OLM",
    "tracking": {
      "current_release_date": "2024-12-31T00:00:00.000Z",
      "generator": {
        "date": "2025-01-02T00:40:41.744Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.16"
        }
      },
      "id": "SCA-2024-0007",
      "initial_release_date": "2024-12-31T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-12-31T00:00:00.000Z",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-01-02T11:00:00.000Z",
          "number": "2",
          "summary": "Updated titel and description."
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK OLM all versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "OLM"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK OLM Firmware all versions",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "OLM Firmware"
          }
        ],
        "category": "vendor",
        "name": "SICK AG"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK OLM all Firmware versions",
          "product_id": "CSAFPID-0008"
        },
        "product_reference": "CSAFPID-0007",
        "relates_to_product_reference": "CSAFPID-0001"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "audience": "all",
          "category": "summary",
          "text": "Due to a misconfiguration in the SICK Support Portal supportportal.sick.com, the access restriction of a NFS (Network File System) storage system has failed, which resulted in temporary unauthorized access to the file share. \nThe service password of the SICK OLM got leaked, that could enable an attacker to potentially impact the availabilty, integrity and confidentiality.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0008"
        ]
      },
      "remediations": [
        {
          "category": "workaround",
          "details": "The password of the OLM is not changeable. Please make sure that you apply general security practices when operating the products. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.",
          "product_ids": [
            "CSAFPID-0008"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0008"
          ]
        }
      ]
    }
  ]
}

