CVE-2026-2330 - Vulnerability Analysis
Severity: Critical | CVSS: 9.4 | Last Updated: March 9, 2026
CROWN - Broken Access Control
Overview
The CROWN device contains a broken access control vulnerability caused by incomplete whitelist enforcement in the REST interface, letting unauthenticated attackers modify critical device settings after reboot. Exploitation requires no authentication.
Impact
Unauthenticated attackers can modify critical device settings, potentially disrupting network and application configurations.
Mitigation
Update to the latest version with proper whitelist enforcement.
References
- https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
- https://www.sick.com/psirt
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
- https://www.first.org/cvss/calculator/3.1
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0006.json
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0006.pdf
Social Media Activity (1 post)
🚨 CRITICAL: CVE-2026-2330 in SICK Lector85x lets remote, unauthenticated attackers modify device configs via the CROWN REST interface. Patch or restrict access now to prevent OT compromise. https://radar.offseq.com/threat/cve-2026-2330-cwe-552-files-or-directories-accessi-493bd9c6 #OffSeq #ICS #Vulnerability #Infosec
Details
- CVE ID: CVE-2026-2330
- Severity: Critical
- CVSS Score: 9.4
- Type: broken_access_control
- Status: unconfirmed
- EPSS: 21.0%
- Social Posts: 1
CWE
- CWE-552
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H