CVE-2026-2330
Unauthorized Filesystem Access via CROWN REST Interface Whitelist Bypass
Publication date: 2026-03-06
Last updated on: 2026-03-06
Assigner: SICK AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-552 | The product makes files or directories accessible to unauthorized actors, even though they should not be. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows an attacker to access restricted filesystem areas on a device through the CROWN REST interface because the whitelist enforcement is incomplete.
Some directories meant only for internal testing are not included in the whitelist and can be accessed without any authentication.
An unauthenticated attacker can place a manipulated parameter file in these accessible directories, which becomes active after the device reboots.
This manipulated file can modify critical device settings such as network configuration and application parameters.
What immediate steps should I take to mitigate this vulnerability?
I don't know
How can this vulnerability impact me? :
The vulnerability can have severe impacts including unauthorized modification of critical device settings.
An attacker could change network configurations and application parameters, potentially disrupting device operation or enabling further attacks.
Since the attacker does not need authentication, this increases the risk of exploitation and compromise of the device.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know