Description

An attacker may access restricted filesystem areas on the device via the CROWN REST interface due to incomplete whitelist enforcement. Certain directories intended for internal testing were not covered by the whitelist and are accessible without authentication. An unauthenticated attacker could place a manipulated parameter file that becomes active after a reboot, allowing modification of critical device settings, including network configuration and application parameters.

PUBLISHED Reserved 2026-02-11 | Published 2026-03-06 | Updated 2026-03-06 | Assigner SICK AG




CRITICAL: 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Problem types

CWE-552 Files or Directories Accessible to External Parties

Product status

Default status
affected

Any version before 2.8.0
affected

Default status
affected

Any version before 2.8.0
affected

References

www.sick.com/psirt

www.sick.com/...lines_cybersecurity_by_sick_en_im0106719.pdf

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2026/sca-2026-0006.json

www.sick.com/.well-known/csaf/white/2026/sca-2026-0006.pdf vendor-advisory

cve.org (CVE-2026-2330)

nvd.nist.gov (CVE-2026-2330)