Anomalous Authentication Behavior in H2-DM1E PLCs
CVE-2024-45368
8.8 HIGH
Key Information:
- Vendor: AutomationDirect
- Product: DirectLogic H2-DM1E
- CVE Published: 13 September 2024
Summary
The H2-DM1E PLC by ABC Technologies features an authentication protocol that includes a unique encoding scheme or a challenge-response mechanism. However, it contains a significant flaw where multiple distinct packets are accepted as valid authentication responses. This deviation from conventional security protocols, which typically require a specific response for successful authentication, opens potential avenues for unauthorized access, compromising the integrity and functionality of systems utilizing this PLC.
Affected Version(s)
DirectLogic H2-DM1E: versions 0 through 2.8.0 (<= 2.8.0)
CVSS V3.1
- Score: 8.8
- Severity: HIGH
- Confidentiality: High
- Integrity: High
- Availability: High
- Attack Vector: Adjacent Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD Database, Mitre Database
Credit
Daniel Davenport, Nicholas Meier, Matthew Zelinsky, and Ryan Silva of Johns Hopkins Applied Physics Lab reported these vulnerabilities to CISA.