The NCCIC has published an advisory on a use of hard-coded credentials vulnerability in SICK MSC800. All versions prior to 4.0 are affected. Successful exploitation of this vulnerability could allow a low-skilled remote attacker to reconfigure settings and/or disrupt the functionality of the device. SICK recommends affected users upgrade to the latest firmware version (v4.0). The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.
H2OSecCon Spring 2024 - featuring panels and briefings on cybersecurity, physical security, operational resilience, and more - is on May 23. REGISTER NOW!