FKIE_CVE-2026-2331
Vulnerability from fkie_nvd - Published: 2026-03-06 08:16 - Updated: 2026-03-09 13:35
Severity: CRITICAL (CVSS 3.1 base score 9.8, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, as reported by psirt@sick.de)
Summary
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access without authentication. This includes device parameter files, enabling an attacker to read and modify application settings, including customer-defined passwords. Additionally, exposure of the custom application directory may allow execution of arbitrary Lua code within the sandboxed AppEngine environment.
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
```json
{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access without authentication. This includes device parameter files, enabling an attacker to read and modify application settings, including customer-defined passwords. Additionally, exposure of the custom application directory may allow execution of arbitrary Lua code within the sandboxed AppEngine environment."
    },
    {
      "lang": "es",
      "value": "Un atacante puede realizar operaciones de lectura y escritura no autenticadas en \u00e1reas sensibles del sistema de archivos a trav\u00e9s del acceso a archivos de AppEngine sobre HTTP debido a restricciones de acceso inadecuadas. Un directorio cr\u00edtico del sistema de archivos fue expuesto involuntariamente a trav\u00e9s de la funci\u00f3n de acceso a archivos basada en HTTP, permitiendo el acceso sin autenticaci\u00f3n. Esto incluye archivos de par\u00e1metros del dispositivo, permitiendo a un atacante leer y modificar la configuraci\u00f3n de la aplicaci\u00f3n, incluyendo contrase\u00f1as definidas por el cliente. Adem\u00e1s, la exposici\u00f3n del directorio de la aplicaci\u00f3n personalizada puede permitir la ejecuci\u00f3n de c\u00f3digo Lua arbitrario dentro del entorno aislado de AppEngine."
    }
  ],
  "id": "CVE-2026-2331",
  "lastModified": "2026-03-09T13:35:34.633",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "psirt@sick.de",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-03-06T08:16:27.450",
  "references": [
    {
      "source": "psirt@sick.de",
      "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
    },
    {
      "source": "psirt@sick.de",
      "url": "https://www.first.org/cvss/calculator/3.1"
    },
    {
      "source": "psirt@sick.de",
      "url": "https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0006.json"
    },
    {
      "source": "psirt@sick.de",
      "url": "https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0006.pdf"
    },
    {
      "source": "psirt@sick.de",
      "url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
    },
    {
      "source": "psirt@sick.de",
      "url": "https://www.sick.com/psirt"
    }
  ],
  "sourceIdentifier": "psirt@sick.de",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-552"
        }
      ],
      "source": "psirt@sick.de",
      "type": "Secondary"
    }
  ]
}
```
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.